558998ce664055a75595371118f818084d8f2b23Jan Cholasta<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
558998ce664055a75595371118f818084d8f2b23Jan Cholasta"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" />
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <refentrytitle>sss_ssh_authorizedkeys</refentrytitle>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <refpurpose>get OpenSSH authorized keys</refpurpose>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta </refnamediv>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <cmdsynopsis>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <arg choice='plain'><replaceable>USER</replaceable></arg>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta </cmdsynopsis>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta </refsynopsisdiv>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <command>sss_ssh_authorizedkeys</command> acquires SSH
558998ce664055a75595371118f818084d8f2b23Jan Cholasta public keys for user <replaceable>USER</replaceable> and
558998ce664055a75595371118f818084d8f2b23Jan Cholasta outputs them in OpenSSH authorized_keys format (see the
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <citerefentry><refentrytitle>sshd</refentrytitle>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <manvolnum>8</manvolnum></citerefentry> for more
558998ce664055a75595371118f818084d8f2b23Jan Cholasta information).
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <citerefentry><refentrytitle>sshd</refentrytitle>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <manvolnum>8</manvolnum></citerefentry> can be configured
558998ce664055a75595371118f818084d8f2b23Jan Cholasta to use <command>sss_ssh_authorizedkeys</command> for public
558998ce664055a75595371118f818084d8f2b23Jan Cholasta key user authentication if it is compiled with support for
5f6ed9ee56da19b87270ab5428a5c5fce5aab21eJakub Hrozek <quote>AuthorizedKeysCommand</quote> option. Please refer
5f6ed9ee56da19b87270ab5428a5c5fce5aab21eJakub Hrozek to the <citerefentry>
5f6ed9ee56da19b87270ab5428a5c5fce5aab21eJakub Hrozek <manvolnum>5</manvolnum></citerefentry> man page for more
5f6ed9ee56da19b87270ab5428a5c5fce5aab21eJakub Hrozek details about this option.
558998ce664055a75595371118f818084d8f2b23Jan Cholasta If <quote>AuthorizedKeysCommand</quote> is supported,
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <citerefentry><refentrytitle>sshd</refentrytitle>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <manvolnum>8</manvolnum></citerefentry> can be configured to
ab5f9b58ae740868cb09e92379ed41d30b9401acPavel Reichl use it by putting the following directives in <citerefentry>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta<programlisting>
ab5f9b58ae740868cb09e92379ed41d30b9401acPavel Reichl AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys
ab5f9b58ae740868cb09e92379ed41d30b9401acPavel Reichl AuthorizedKeysCommandUser nobody
558998ce664055a75595371118f818084d8f2b23Jan Cholasta</programlisting>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <varlistentry>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>.
558998ce664055a75595371118f818084d8f2b23Jan Cholasta </varlistentry>
558998ce664055a75595371118f818084d8f2b23Jan Cholasta <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/param_help.xml" />
558998ce664055a75595371118f818084d8f2b23Jan Cholasta </variablelist>
c5ae83788cb6b8681e52c4d940a3fd88e87bd4d6Jan Cholasta In case of success, an exit value of 0 is returned. Otherwise,
c5ae83788cb6b8681e52c4d940a3fd88e87bd4d6Jan Cholasta 1 is returned.
544525ee1fc54d744c08465066e2b4a521f78224Stephen Gallagher <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />