Comments on: OpenSSH 6.2.x and LDAP authentication

By: Johnny Morano

Johnny Morano — Mon, 17 Nov 2014 16:15:15 +0000

In reply to Krzysztof. Really? I have it like this:

root@machine01:~ # grep Authorized /etc/ssh/sshd_config 
AuthorizedKeysCommand /usr/bin/ldap_ssh_key.sh
AuthorizedKeysCommandUser nobody
root@machine01:~ # ls -ltr /usr/bin/ldap_ssh_key.sh
-rwxr-xr-x 1 root root 1077 Jun  6 10:06 /usr/bin/ldap_ssh_key.sh
root@machine01:~ # uname -a
Linux machine01 3.2.0-4-amd64 #1 SMP Debian 3.2.63-2+deb7u1 x86_64 GNU/Linux
root@machine01:~ #

Works fine ...

By: Krzysztof

Krzysztof — Mon, 17 Nov 2014 15:53:30 +0000

To work in Debian 7 it must be set
AuthorizedKeysCommandUser root

I try with nobody and got errors

By: ivan

ivan — Mon, 31 Mar 2014 08:49:29 +0000

In reply to Johnny Morano. Thanks. You are the best. it has just worked like charm!

By: Johnny Morano

Johnny Morano — Fri, 28 Mar 2014 07:08:26 +0000

In reply to Bert. This allows only users that are in a certain group ;-)

By: Johnny Morano

Johnny Morano — Fri, 28 Mar 2014 07:08:01 +0000

In reply to ivan. Hi, On the SSH server ;-)

By: ivan

ivan — Thu, 27 Mar 2014 05:51:57 +0000

where do i make these changes? is it the LDAP server on the client machines?

By: Bert

Bert — Fri, 20 Dec 2013 23:32:09 +0000

The other thing, is whats:
ALLOWED_GROUP=”6667″ ?

By: Bert

Bert — Fri, 20 Dec 2013 23:22:23 +0000

In reply to Johnny Morano. Thanks, is there anything to configure within them once installed?

By: Johnny Morano

Johnny Morano — Fri, 20 Dec 2013 22:37:32 +0000

In reply to Bert. Hi, Plain ldap-utils ;-)

By: Bert

Bert — Fri, 20 Dec 2013 22:34:30 +0000

Hi,

What prerequisites are required for this to work, I assume I need some kind of ldap application installing for the queries to the LDAP server to work?

Thanks