#2711 [RFE] Provide interface for SSH to fetch user certificate
Closed: Fixed None Opened 4 years ago by dpal.

If user uses a certificate on a smart card to login into a remote server his public cert needs to be delivered to the remote server. It can be done by putting SSH keys into .ssh/authorized_keys however this does not scale. It is better to be able to fetch keys from a central server like AD or IdM. We already have similar capability with traditional SSH keys so this RFE is to provide a mechanism in SSSD to fetch a cert from central server and pass it to the SSH via an agent.

It is also related to the IdM server side ticket https://fedorahosted.org/freeipa/ticket/4955 and should be tested jointly.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.13.2

Fields changed

rhbz: => todo

milestone: SSSD 1.13.2 => SSSD 1.13.1
owner: somebody => sbose

Fields changed

resolution: => fixed
status: new => closed

Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=854369 (Red Hat Enterprise Virtualization Manager)

rhbz: todo => [https://bugzilla.redhat.com/show_bug.cgi?id=854369 854369]

Metadata Update from @dpal:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.13.1

2 years ago

Login to comment on this ticket.