On Thu, Mar 05, 2020 at 02:34:42PM -0000, Hristina Marosevic wrote:
Some more info (another prove that sssd does not derive the public
key from the user certificate):
/usr/bin/sss_ssh_authorizedkeys IIN32000000001 when I am using only
userCertificate;binary attribute (with the binary value of the certificate) is not giving
any output, while when I am using the userCertificate attribute associated with the value
of the public key (when the PKI authentication works fine) /usr/bin/sss_ssh_authorizedkeys
IIN32000000001 outputs the public key of the user which proves the oposite situation when
using public key (wether used along with certificate or not; in cases when user
certificate is used along with public key it gets mapped in sssd but it is not validated
or compared to the public key - I already mentioned this, and the authentication using the
private/public key pair work fine which is not fine :) )
I am just trying to give as much information in order to solve this problem. Sorry for
the spam.
Hi,
the best information would be the SSSD logs files with
'debug_level = 9'.
bye,
Sumit
BR,
Hristina
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...