Red Hat Bugzilla – Bug 671892
AuthorizedKeysCommand doesn't work
Last modified: 2011-03-17 03:50:31 EDT
sshd fails to lookup authorized keys in ldap
AuthorizedKeysCommand "/usr/libexec/openssh/ssh-ldap-helper -s %u"
user_key_via_command_allowed2 does a stat on the AuthorizedKeysCommand, but of course the path
/usr/libexec/openssh/ssh-ldap-helper -s %u doesn't exist.
An option would be to adjust ssh-ldap-helper to accept the username as the first argument, and make AuthorizedKeysCommand /usr/libexec/openssh/ssh-ldap-helper
This does happen on rawhide as well.
Would you mind taking a look, this is preventing me from upgrading all my machines from F-13 to F-14
please test openssh-5.8p1-10.fc16.1
and modify the configuration according to HOWTO.ldap-keys
and report the result please
Yes, this works, thanks.
Using a shellscript as a wrapper feels a bit hackish though. I take it you're going to modify ssh-ldap-helper to just accept the user without the -s so the wrapper isn't needed?
the ssh-ldap-helper have another possible parameters. IMHO the wrapper is pretty fine solution.
Ok, fair enough.
HOWTO.ldap-keys says you have to use:
But I could only get it working by quoting the command:
everything is repaired in current rawhide