search for: qingtao

On 12/10/2024 12:04, Qingtao Cao wrote: > 4. Putting the #2 and #3 points above together, that "goto out;" line will > make the non-local user unable to login the device, despite of the fact > that its RSA public key has been setup properly on the remote LDAP server Suppose that user were allowed to login:...

...ublic key authentication will still be performed by the sshd server anyway. If the sshd security is jeopardized I guess there is no way out but to integrate nss-ldap. Thanks again! Harry On Sat, Oct 12, 2024 at 9:13?PM Brian Candler <b.candler at pobox.com> wrote: > On 12/10/2024 12:04, Qingtao Cao wrote: > > 4. Putting the #2 and #3 points above together, that "goto out;" line will > make the non-local user unable to login the device, despite of the fact > that its RSA public key has been setup properly on the remote LDAP server > > Suppose that user were allo...

On 12/10/2024 13:19, Qingtao Cao wrote: > Since there is no nss-ldap (not to mention sssd), a separate PAM > module has been used once the public key authentication is a success, > to allocate an unused uid/gid for the remote user, also creating its > home directory?(which are all specified on the LDAP server bu...

Hi openssh community, I am very new to the source code of openssh and trying to make the LDAP Public Key authentication work. I found that I need to change a line in the monitor.c to make it work, I would like to ask the community whether this is desirable at all. 1. I have created a pair of RSA private key and public key 2. I have setup the public key to the remote LDAP server, as the