4 months ago I’ve opened an RFE on pagure about proper support for SSH HBA with SSSD fetching hostkeys from LDAP, it’s described here: https://pagure.io/SSSD/sssd/issue/4106

Since there’s no updates on the RFE I would like to bring the discussion to the list.

I came across another issue regarding SSH HBA on RHEL7, that’s reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1801459 and this motivated me to bring the discussion to here.

At this moment I’m working around the issue sharing the same SSH Host Keys between all the servers that should use SSH Hostbased Authentication, which is extremely bad and I really don’t want to continue in this path.

So is anyone out there having the same issues with Hostbased Authentication with SSSD + IPA?

Thanks,