sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sssd (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Won't Fix
|
Low
|
Unassigned |
Bug Description
When trying to get the key for a person with also a client cert present in IPA the following error shows:
```
(Thu Jun 7 14:37:11:920526 2018) [/usr/bin/
Error looking up public keys
```
What is supposed to happen:
return public key for user
Version Information:
Ubuntu 16.04.2 LTS
Updated sssd-common and related tools to latest: libipa-hbac0 libsss-idmap0 python-libipa-hbac python-sss sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy
so sssd is now at:
ii sssd-common 1.13.4-1ubuntu1.10 amd64 System Security Services Daemon -- common files
This doesn't happen on Centos 7.5 (sssd-common-
IPA server is on CentOS 7.5: ipa-server-
From what I've seen upstream, it might be related to the fairly new handling of x509 certificates with ssh certificates in them.
Status changed to 'Confirmed' because the bug affects multiple users.