[Freeipa-users] SSH Keys?

Erinn Looney-Triggs erinn.looneytriggs at gmail.com
Mon Jun 4 17:34:08 UTC 2012


On 06/04/2012 09:28 AM, Kline, Sara wrote:
> Some of my users have expressed concerns about moving to FreeIPA because
> they prefer to use SSH. The main reason behind that is because they can
> use agent forwarding and only have to sign on once. I did find
> information on forwardable Kerberos tickets, kinit –f. Has anyone used
> this in place of SSH keys, or do you have other suggestions? There are a
> few service accounts scripted to work with SSH keys so we may have to
> leave a few local accounts on the servers. I don’t particularly like
> that idea.
> 
>  
> 
> Sara Kline
> 
> System Administrator
> 
> Transaction Network Services, Inc
> 
> 4501 Intelco Loop, Lacey WA 98503
> 
> Wk: (360) 493-6736
> 
> Cell: (360) 280-2495
> 
>  
> 
> 

Kerberos works just fine in place of SSH keys, I have been using it for
years now. As well, and I am sure others can provide more details, but I
believe the version 3 release of FreeIPA manages host and user SSH keys,
so I imagine with that you can use either or, though I am a kerb purist.

-Erinn





More information about the Freeipa-users mailing list