lpkfuse - SSH Public Keys in LDAP using FUSE

This is a works in progress:

Configuration Files


;uri      = ldap.example.com
;uri      = ldap1.example.com:1234, ldap2.example.com
uri       = ldap://ldap1.example.com, ldaps://ldap2.example.com:3389, ldapi:///

;username = "cn=username,ou=accounts,dc=example,dc=com"
;password = the-biggest-secret

; timeout in seconds
;timeout  = 5

base    = "ou=accounts,dc=example,dc=com"
filter  = (objectClass=posixAccount)
key     = cn


#lpkfuse#       /opt/lpkfuse    fuse    ro,config=/etc/ssh/lpkfuse,debug         0  0
#lpkfuse#       /opt/lpkfuse    fuse    ro,config=/etc/ssh/lpkfuse,verbose       0  0
lpkfuse#        /opt/lpkfuse    fuse    ro,config=/etc/ssh/lpkfuse               0  0

N.B. Debian users should look at Debian Bug #526115 - [fuse-utils] fuse entries in fstab are not mounted automatically.


AuthorizedKeysFile      /opt/lpkfuse/%u


It is worth configuring the OOM system to pass over the daemon for obvious reasons:

echo -17 > /proc/$(pgrep lpkfuse)/oom_adj || true


lpkfuse.txt · Last modified: 2013/01/12 18:30 by alex
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Run by Debian Driven by DokuWiki