Is it possible to use public key authentication together with ldap accounts?
I've set up LDAP authentication for SSH, so that all accounts are in LDAP. This is done pretty much the way described in the handbook. That means sshd uses PAM and pam_ldap to authenticate people. This works great, so there's no problem with the LDAP config.
I figured I should be able to do something like this:
$ ssh-keygen
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
$ ssh localhost
And not have to use my password. But it still asks for my password. This got me thinking... Is what I want even possible? If the user data is stored in LDAP, such as the homedir (which you need to find the authorized_keys), you may need to bind to find the homedir, but to bind, you need the password...? Can I get around this somehow?