Opened 5 years ago
Closed 5 years ago
#2239 closed task (fixed)
OSGeo 7 ldap ssh access
| Reported by: | robe | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | SysAdmin | Keywords: | |
| Cc: |
Description
I created an lxd container
outlined here:
That has Debian 10 installed, and LDAP SSH libs, and configured to connect with ldap.osgeo.org.
I however have not been successful being able to log in with it using my ldap account.
I suspect it's something really simple I am missing.
The Ldapsearch stuff works fine. So does
getent passwd <someldapuser>
Usually when that works all is set.
The moved things around quite a bit in debian 10 for ldap, so it might be just a file config I am missing. Cause things I normally put in one file had to be in a different one.
This I was hoping would serve two purposes
1) Be a skeleton for setting up debina with ldap / ssh access 2) Eventually build a DMZ container that people would need to log into first to access the other containers.
I'm going to try next to build a debian 9 container instead and do the same to rule out just an issue with how they changed ssh/ldap in debian 10.
I had tried an ubuntu 18.04 earlier and didn't even get as far with it as I did with this debian10. Both have this extra systemd stuff which confuses me.
Change History (2)
comment:1 by , 5 years ago
comment:2 by , 5 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
download container was created from this image and has port 22 open
For old containers I don't plan to have ssh widely open and plan to force people to go thru the download osgeo container which requires ssh key.
update - I successfully configured a ldap ssh debian 9 container that I can ssh into using my ldap account. So I think it's just a step I missed in debian 10 cause the file paths changes. Setup detailed here - https://git.osgeo.org/gitea/sac/osgeo7/wiki/Debian-9-container-with-ldap-ssh
the debian 9 container can be accessed by sac members using