[Freeipa-users] SSH Keys?
Erinn Looney-Triggs
erinn.looneytriggs at gmail.com
Mon Jun 4 17:34:08 UTC 2012
On 06/04/2012 09:28 AM, Kline, Sara wrote:
> Some of my users have expressed concerns about moving to FreeIPA because
> they prefer to use SSH. The main reason behind that is because they can
> use agent forwarding and only have to sign on once. I did find
> information on forwardable Kerberos tickets, kinit –f. Has anyone used
> this in place of SSH keys, or do you have other suggestions? There are a
> few service accounts scripted to work with SSH keys so we may have to
> leave a few local accounts on the servers. I don’t particularly like
> that idea.
>
>
>
> Sara Kline
>
> System Administrator
>
> Transaction Network Services, Inc
>
> 4501 Intelco Loop, Lacey WA 98503
>
> Wk: (360) 493-6736
>
> Cell: (360) 280-2495
>
>
>
>
Kerberos works just fine in place of SSH keys, I have been using it for
years now. As well, and I am sure others can provide more details, but I
believe the version 3 release of FreeIPA manages host and user SSH keys,
so I imagine with that you can use either or, though I am a kerb purist.
-Erinn
More information about the Freeipa-users
mailing list