According to the doc, 
In order to manage user keys, SSSD has a tool, sss_ssh_authorizedkeys, which performs two operations:
  1. Retrieves the user's public key from the user entries in the Identity Management (IPA) domain.
  2. Stores the user key in a custom file, .ssh/sss_authorized_keys, in the standard authorized keys format.
So i can get the sss_ssh_authorizedkeys to spit out the publickey, and can auth using it via sshd, however, I do not see .ssh/sss_authorized_keys being created under users directory. I even tried creating the file and see if it gets updated.
Don't see anything obvious in the ssh_config that would indicate adding authorized_keys. 
Anyone?