Helper command for AuthorizedKeysCommand
in sshd.
Download from releases.
Create /etc/ldapkeys/config.toml
as below.
URL = "ldap://ldap.server.local"
BaseDN = "dc=example,dc=com"
# (Optional)
Filter = "(description=foo)"
# (Optional)
BindDN = "uid=foo,ou=People,dc=example,dc=com"
BindPassword = "secret_password"
And update your /etc/ssh/sshd_config
.
PubkeyAuthentication yes
AuthorizedKeysCommand /path/to/ldapkeys
AuthorizedKeysCommandUser nobody