sshd fails to lookup authorized keys in ldap /etc/ssh/sshd_config contains: AuthorizedKeysCommand "/usr/libexec/openssh/ssh-ldap-helper -s %u" user_key_via_command_allowed2 does a stat on the AuthorizedKeysCommand, but of course the path /usr/libexec/openssh/ssh-ldap-helper -s %u doesn't exist. An option would be to adjust ssh-ldap-helper to accept the username as the first argument, and make AuthorizedKeysCommand /usr/libexec/openssh/ssh-ldap-helper
Hi Jan, This does happen on rawhide as well. Would you mind taking a look, this is preventing me from upgrading all my machines from F-13 to F-14
please test openssh-5.8p1-10.fc16.1 and modify the configuration according to HOWTO.ldap-keys and report the result please
Yes, this works, thanks. Using a shellscript as a wrapper feels a bit hackish though. I take it you're going to modify ssh-ldap-helper to just accept the user without the -s so the wrapper isn't needed?
the ssh-ldap-helper have another possible parameters. IMHO the wrapper is pretty fine solution.
Ok, fair enough. HOWTO.ldap-keys says you have to use: AuthorizedKeysCommand /usr/libexec/openssh/ssh-ldap-wrapper But I could only get it working by quoting the command: AuthorizedKeysCommand "/usr/libexec/openssh/ssh-ldap-wrapper"
everything is repaired in current rawhide