> You can either continue as usual with an authorized_keys file in their > home directories, or look at the LPK patch available for OpenSSH that > allows storing public keys in LDAP. > > Having the users in LDAP has absolutely no effect on how key-based > logins work with SSH, but it does open up some other options. So the easiest route to take might be to dis-allow ssh logins for everyone except my few authorized users via the /etc/security/access file? And then to allow exceptions on a case by case basis using this file as well? -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
