Bug 803822

Summary: Tech Preview: Add support for central management of the SSH keys
Product: Red Hat Enterprise Linux 6 Reporter: Rob Crittenden <rcritten>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2CC: dpal, jcholast, jgalipea, mkosek
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-2.2.0-8.el6 Doc Type: Bug Fix
Doc Text:
Support for central management of SSH keys Previously, it was not possible to centrally manage host and user SSH public keys. Red Hat Enterprise Linux 6.3 includes SSH public key management for Identity Management servers as a Technology Preview. OpenSSH on Identity Management clients is automatically configured to use public keys which are stored on the Identity Management server. SSH host and user identities can now be managed centrally in Identity Management.
 Story Points: ---
Clone Of:
: 819600 (view as bug list) Environment:
Last Closed: 2012-06-20 13:21:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 819600    

Description Rob Crittenden 2012-03-15 17:25:52 UTC 
Description of problem:

This is a tracking BZ for this feature to be added as a Tech Preview.

It call to add a way to manage SSH keys, hosts and other elements centrally. 

http://pad.engineering.redhat.com/ssh-keys-in-ipa-overview
Comment 2 Martin Kosek 2012-03-30 06:52:45 UTC 
SSH feature was fixed upstream:

master:
431286a0f61e7bc61d05a6da172cad07801652c2
64883787645cc972e1b6f905a235e0f4df8fcf2a
e5c07508060bdafb315c25cd712ceb23508ab20a
ca3f3041106dbaa8462aeb78c35b640b169d694a
3c2b0fc28ae21c7e4b26961e28e2eb0ba0559d29
9b6baf9beeb733d77883f4ed32e553265ee15543
63ea0a304ec734a64d28e7c9b0f2b172224155d6

ipa-2-2:
9625bf4a0ddf97fb849ea960b349dbffba37eada
dc5c6b18212e35b420572184d25056415ffeedc5
f2d3f916808fbfcf2ea35c6aa7a9eeca1ed5f492
36eefa2f6be80589e64dd10c8b6da307f773d006
502eafb92d71762da0f3ba4a95a59dfe2264ba94
853904459046dc2a548e20298780e3d578532345
0708ea2adb1f2daad201a2a205c566994fe0be3c
Comment 6 Jan Cholasta 2012-04-25 09:44:02 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause:
IPA provided no support for central management of host and user SSH public keys.

Consequence:
It was not possible to centrally manage SSH host and user identities.

Change:
Support for SSH public key management was added to IPA server, OpenSSH on IPA clients is automatically configured to use the public keys stored on IPA server.

Result:
SSH host and user identities can be managed centrally in IPA.
Comment 7 Martin Prpič 2012-05-02 12:17:39 UTC 
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,11 +1,3 @@
-Cause:
-IPA provided no support for central management of host and user SSH public keys.
+Support for central management of SSH keys
 
-Consequence:
+Previously, it was not possible to centrally manage host and user SSH public keys. Red Hat Enterprise Linux 6.3 includes SSH public key management for Identity Management servers as a Technology Preview. OpenSSH on Identity Management clients is automatically configured to use public keys which are stored on the Identity Management server. SSH host and user identities can now be managed centrally in Identity Management.-It was not possible to centrally manage SSH host and user identities.
-
-Change:
-Support for SSH public key management was added to IPA server, OpenSSH on IPA clients is automatically configured to use the public keys stored on IPA server.
-
-Result:
-SSH host and user identities can be managed centrally in IPA.
Comment 8 Jenny Severance 2012-05-07 16:55:43 UTC 
feature is in and technical preview. closing bug

6.4 feature bug
https://bugzilla.redhat.com/show_bug.cgi?id=819600
Comment 10 errata-xmlrpc 2012-06-20 13:21:18 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0819.html