RSS feed

Re: ssh public key auth using pam_ldap

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: ssh public key auth using pam_ldap

Hi Jason,


We are doing this currently however we only allow public key authentication, password based authentication is disabled.  I’m not sure if you can mix and match but this is what we went with.  Here is a gist with the relevant configs and some info that may be helpful:






From: nss-pam-ldapd-users <> on behalf of "Dana, Jason T." <>
Date: Tuesday, April 28, 2020 at 10:32 AM
To: "" <>
Subject: ssh public key auth using pam_ldap


CAUTION: This email originated from outside of the organization.

I am trying to configure pam and/or nslcd to query an AD/LDAP server when a user accesses a system via SSH using public key authentication.


I have successfully configured nslcd to query the AD/LDAP server and filter on a specific group. Unfortunately it does not appear to apply if the user is accessing the system using public key authentication. I have attempted a number of different sshd pam configuration changes and have added a pam_authz_search entry to nslcd.conf, but unfortunately none appear to be getting used.


Is this even possible or am I going down the wrong route?


Any help would be greatly appreciated! Thank you!



This email may contain confidential or protected material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.