On Mon, 2022-05-09 at 21:56 +0200, Stefan Kania via samba
wrote:> Error verifying signature: parse error
> --------------ms070003050900080403010904
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 7bit
>
> Hi Rowland
>
> Am 09.05.22 um 20:23 schrieb Rowland Penny via samba:
> > On Mon, 2022-05-09 at 20:10 +0200, Stefan Kania via samba wrote:
> > > Error verifying signature: parse error
> > > --------------ms000904050908020602030103
> > > Content-Type: text/plain; charset=UTF-8
> > > Content-Transfer-Encoding: 7bit
> > >
> > > Hi to all,
> > >
> > > with OpenLDAP there is an ObjectClass to store public-keys.
> > > http://pig.made-it.com/ldap-openssh.html
> > >
> > > These public-keys can then be used together with ssh using the
> > > parameter
> > > "AuthorizedKeysCommand" in sshd_conf. Is there a schema
or
> > > ObjectClass
> > > for Samba AD to store publickeys in AD or do I have to write my
> > > own
> > > attribute? All I found was a way to add an own Attribute to AD:
> > >
https://blog.laslabs.com/2016/08/storing-ssh-keys-in-active-directory/
> >
> > Yes you can extend the schema, but why bother, just use kerberos.
> Most of the time using Kerberso is fine, but for some hosts I need
> public-key authetnication.
> > If you really want to extend the schema, I have an ldif somewhere.
> If you find one thart would ben nice, so I don't have to fiddle
> around ;-)
I remembered something, it is here:
https://wiki.samba.org/index.php/Samba_AD_schema_extensions
Rowland