[389-users] Migrating to LDAP authentication
Sean Carolan
scarolan at gmail.com
Tue Feb 2 17:50:16 UTC 2010
> You can either continue as usual with an authorized_keys file in their
> home directories, or look at the LPK patch available for OpenSSH that
> allows storing public keys in LDAP.
>
> Having the users in LDAP has absolutely no effect on how key-based
> logins work with SSH, but it does open up some other options.
So the easiest route to take might be to dis-allow ssh logins for
everyone except my few authorized users via the /etc/security/access
file? And then to allow exceptions on a case by case basis using this
file as well?
More information about the 389-users
mailing list