<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div style="-webkit-text-size-adjust: auto; ">If you are looking for the client side config, try this:</div><div style="-webkit-text-size-adjust: auto; "><br></div><div style="-webkit-text-size-adjust: auto; "><span style="font-size: 15px; line-height: 19px; white-space: nowrap; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.296875); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); -webkit-text-size-adjust: none; "><a href="http://tuxotaku.com/bitbucket/2011/12/20/setting-up-passwordless-ssh-login-and-key-management-using-l.html">http://tuxotaku.com/bitbucket/2011/12/20/setting-up-passwordless-ssh-login-and-key-management-using-l.html</a></span></div><div><span style="font-size: 15px; line-height: 19px; white-space: nowrap; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.292969); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469);"><br></span></div><div><span style="font-size: 15px; line-height: 19px; white-space: nowrap; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.292969); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469);">It requires a recompile of ssh though.</span></div><div><span style="font-size: 15px; line-height: 19px; white-space: nowrap; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.292969); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469);"><br></span></div><div><span style="font-size: 15px; line-height: 19px; white-space: nowrap; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.292969); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469);">Elf</span></div><div style="-webkit-text-size-adjust: auto; "><br>On 2013-05-08, at 2:53 PM, Steve Ovens <<a href="mailto:steve_ovens@linux.com">steve_ovens@linux.com</a>> wrote:<br><br></div><blockquote type="cite" style="-webkit-text-size-adjust: auto; "><div><div dir="ltr"><div><div><div><div>Hi,<br><br></div>I have been quite happily using 389
for around a year, and while I am not at all advanced I have been able
to add Samba and sudoers to 389. I am now attempting to add openssh keys
to the user entries I am using the openssh-lpk_openldap.schema:<br>
<br><br><br>#<br># LDAP Public Key Patch schema for use with openssh-ldappubkey<br># Author: Eric AUGE <<a href="mailto:eau@phear.org" target="_blank">eau@phear.org</a>><br># <br># Based on the proposal of : Mark Ruijter<br>
#<br><br>
<br># octetString SYNTAX<br>attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' <br> DESC 'MANDATORY: OpenSSH Public key' <br> EQUALITY octetStringMatch<br> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )<br>
<br># printableString SYNTAX yes|no<br>objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY<br> DESC 'MANDATORY: OpenSSH LPK objectclass'<br> MAY ( sshPublicKey $ uid ) <br>
)<br><br><br></div>I have run this through the <a href="http://ol-schema-migrate.pl" target="_blank">ol-schema-migrate.pl</a> and placed the output in /etc/dirsrv/slapd-ds/schema/62sshkeys.ldif.<br><br>I have restarted the server and there were no errors produced so I am assuming that it took the ldif fine.<br>
<br></div>How do I go about using the new schema. I have googled around
quite a bit, but I must be missing something. I would appreciate any
pointers and I fully intend on publishing a how-to on this (as I do for
most things over at <a href="http://www.overclockers.com/forums/showthread.php?t=730515" target="_blank">overclockers.com</a>)<br>
<br></div>Any guidance would be greatly appreciated!<br><br>Thanks<br clear="all"><br>-- <br><font size="1">Red Hat Certified Engineer<br>Ubuntu Certified Professional<br>Novell Datacenter Specialist<br>Novell Certified Linux Administrator<br>
LPIC-1 Certified<br>Linux+ Certified</font><br>
</div>
</div></blockquote><blockquote type="cite" style="-webkit-text-size-adjust: auto; "><div><span>--</span><br><span>389 users mailing list</span><br><span>389-<a href="mailto:users@lists.fedoraproject.org">users@lists.fedoraproject.org</a></span><br><span><a href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></span></div></blockquote></body></html>