December 11th, 2016, 09:02 AM
ldapns.schema - how to disallow SSH-KEY when access is disables?
we using LAM (ldap-account-manager) to manage users. For "pam_check_host_attr" we use the "ldapns.schema". This is working fine.
But when you have servers with home mounted on nfs, and the user send his/her sshkey to the homedirectory the user is alway able to login
even if the access was blocked with the "pam_check_host_attr".
Is there a way to disable sshlogins with keys too when the login via this schema is locket?
LDAPserver is on Ubuntu 16.04. Clients also Ubuntu 16.04.
Thanks and best Regards