On Fri, Mar 06, 2020 at 12:44:35PM -0000, Hristina Marosevic wrote:
no [pam] is not needed for your use case, access via ssh.
This command looks for certificates from a Smartcard connected to the
local system. However p11_child is used to validate the certificates for
the ssh key generation as well. You should add debug_level = 9 to the
[ssh] section of sssd.conf and then check sssd_ssh.log and p11_child.log
after calling sss_ssh_authorized_keys.
I can not find a file named p11_child.log (i searched everything from the root directory)
The only thing related to p11_child is executable /usr/libexec/sssd/p11_child - should I
use it to generate log?
Can you please help me with this?