https://github.com/sergiotocalini/ldapkeys
LDAP SSH Keys
authorized-keys ldap-ssh-keys openssh-server
Last synced: about 1 year ago
- Host: GitHub
- URL: https://github.com/sergiotocalini/ldapkeys
- Owner: sergiotocalini
- License: gpl-3.0
- Created: 2016-08-19T23:58:19.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2019-02-11T09:25:32.000Z (over 7 years ago)
- Last Synced: 2025-02-17T23:11:50.793Z (over 1 year ago)
- Topics: authorized-keys, ldap-ssh-keys, openssh-server
- Language: Shell
- Homepage:
- Size: 27.3 KB
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# ldapkeys
SSH LDAP keys
Installation
------------
Default variables:
NAME|VALUE
----|-----
HOST|localhost
BINDDN|cn=binduser,ou=auth,dc=example,dc=com
BINDPW|xxxxxx
BASEDN|ou=people,dc=example,dc=com
OPTIONS|
ATTR_USER|uid
ATTR_KEYS|sshPublicKey
ATTR_FILTER|
SED|`which sed`
LDAPSEARCH|`which ldapsearch`
CACHE_DIR|/etc/ldap/keys
CACHE_TTL|5
KEYS_OWNER|nobody
```
#~ git clone https://github.com/sergiotocalini/ldapkeys.git
#~ ./ldapkeys/install.sh "${HOST}" "${BINDDN}" "${BINDPW}" "${BASEDN}" \
                         "${OPTIONS}" "${ATTR_USER}" "${ATTR_KEYS}" \
                         "${ATTR_FILTER}" "${SED}" "${LDAPSEARCH}" \
                         "${CACHE_DIR}" "${CACHE_TTL}" "${KEYS_OWNER}"
```
Configuration
-------------
```
#~ cat /etc/ldap/ldapkeys.conf
HOST="localhost"
BINDDN="cn=binduser,ou=auth,dc=example,dc=com"
BINDPW="xxxxxx"
BASEDN="ou=people,dc=example,dc=com"
OPTIONS=""
ATTR_USER="uid"
ATTR_KEYS="sshPublicKey"
ATTR_FILTER=""
SED="/bin/sed"
LDAPSEARCH="/usr/bin/ldapsearch"
CACHE_DIR="/etc/ldap/keys"
CACHE_TTL="5"
KEYS_OWNER="nobody"
#~
```
Execution
---------
```
#~ /usr/local/bin/ldapkeys -h
Usage: ldapkeys [Options]
Options:
-h Displays this help message.
-u ARG(str) Username.
-c ARG(str) ldapkeys configuration file (default=/etc/ldap/ldapkeys.conf).
-v Show the script version.
Please send any bug reports to sergiotocalini@gmail.com
#~
```
```
#~ /usr/local/bin/ldapkeys -u ${USER}
...
#~
```
OpenSSH
-------
```
#~ cat /etc/ssh/sshd_config
...
AuthorizedKeysCommand /usr/local/bin/ldapkeys
AuthorizedKeysCommandUser nobody
...
#~
```