sss_ssh_authorizedkeys.1.xml revision ab5f9b58ae740868cb09e92379ed41d30b9401ac
7f235c0d101d71224c8e498ac8f7fde1f98596c7dgaudet<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
<reference>
<title>SSSD Manual pages</title>
<refentry>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" />
<refmeta>
<refentrytitle>sss_ssh_authorizedkeys</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>sss_ssh_authorizedkeys</refname>
<refpurpose>get OpenSSH authorized keys</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>sss_ssh_authorizedkeys</command>
<arg choice='opt'>
<replaceable>options</replaceable>
</arg>
<arg choice='plain'><replaceable>USER</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>sss_ssh_authorizedkeys</command> acquires SSH
public keys for user <replaceable>USER</replaceable> and
outputs them in OpenSSH authorized_keys format (see the
<quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of
<citerefentry><refentrytitle>sshd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> for more
information).
</para>
<para>
<citerefentry><refentrytitle>sshd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> can be configured
to use <command>sss_ssh_authorizedkeys</command> for public
key user authentication if it is compiled with support for
either <quote>AuthorizedKeysCommand</quote> or
<quote>PubkeyAgent</quote> <citerefentry>
<refentrytitle>sshd_config</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> options.
</para>
<para>
If <quote>AuthorizedKeysCommand</quote> is supported,
<citerefentry><refentrytitle>sshd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> can be configured to
use it by putting the following directives in <citerefentry>
<refentrytitle>sshd_config</refentrytitle>
<manvolnum>5</manvolnum></citerefentry>:
<programlisting>
AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys
AuthorizedKeysCommandUser nobody
</programlisting>
</para>
<para>
If <quote>PubkeyAgent</quote> is supported,
<citerefentry><refentrytitle>sshd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> can be configured to
use it by using the following directive for <citerefentry>
<refentrytitle>sshd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> configuration:
<programlisting>
PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u
</programlisting>
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-d</option>,<option>--domain</option>
<replaceable>DOMAIN</replaceable>
</term>
<listitem>
<para>
Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>.
</para>
</listitem>
</varlistentry>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/param_help.xml" />
</variablelist>
</refsect1>
<refsect1 id='exit_status'>
<title>EXIT STATUS</title>
<para>
In case of success, an exit value of 0 is returned. Otherwise,
1 is returned.
</para>
</refsect1>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />
</refentry>
</reference>