The one place for your designs
To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.
Locked users can connect using SSH keys
Hello,
Using Debian Jessie, configured with fusiondirectory repo : deb http://repos.fusiondirectory.org/debian-jessie jessie main Version installed is 1.0.9.1-1. Plugin SSH installed and fusiondirectory-plugin-ssh-schema installed/inserted on my SLAPD server.
I use a ssh-ldap-pubkey script on my servers to connect using public key authentication. When I lock a user in fusiondirectory, he can still connect to the server using his private key (no more sudo possible).
I think the way the user is locked is by adding a "! " to the encrypted password, so the ssh keys are not impacted... It could be OK to do the same thing on all the sshPublicKey attributes of the account ? ex : ssh-rsa !AAAAB3NzaC1yc2EAAAADAQABAAABAQD....
Or adding a keyword (diabled ?) at the begining of the key ? ex: disabled-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD....
Regards
(from redmine: issue id 4385, created on 2015-12-28, closed on 2016-01-22)
- Relations:
- copied_to #4473
- Changesets:
- Revision 5207c5fd by Côme Chilliet on 2016-01-21T03:25:56.000Z:
Fixes #4385 Ignoring disabled- prefix when parsing SSH keys- Revision 16ec16e1 by Côme Chilliet on 2016-01-21T03:26:56.000Z:
Fixes #4385 Ignoring disabled- prefix when parsing SSH keys- Revision 0c07fabb by Côme Chilliet on 2016-01-21T03:27:12.000Z:
Fixes #4385 Ignoring disabled- prefix when parsing SSH keys- Custom Fields:
- Bug in version: 1.0.9.1