[389-users] Preventing ssh keys from granting a user access when LDAP account is disabled.
Gerrard Geldenhuis
Gerrard.Geldenhuis at betfair.com
Tue Jul 20 16:45:10 UTC 2010
Hi
There is a bugzilla raised concerns users still being able to login if they have ssh keys even if there ldap account is disabled.
https://bugzilla.redhat.com/show_bug.cgi?id=455350
I have experimented a bit in PAM with ordering to try and find a solution but so far I have not been very successful. The solution/bugfix in the bugzilla is to store authorized keys centrally in LDAP. I was wondering that apart from that solution is there any other suggested solution or way of configuring PAM to disallow a person login when his/her account is disabled?
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
More information about the 389-users
mailing list