From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id EA90C138334 for ; Fri, 3 Aug 2018 19:07:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4F649E07DF; Fri, 3 Aug 2018 19:07:29 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D62CEE07C9 for ; Fri, 3 Aug 2018 19:07:28 +0000 (UTC) Received: from [IPv6:2001:4dd7:a50a:0:e15b:6639:f53c:611b] (2001-4dd7-a50a-0-e15b-6639-f53c-611b.ipv6dyn.netcologne.de [IPv6:2001:4dd7:a50a:0:e15b:6639:f53c:611b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: whissi) by smtp.gentoo.org (Postfix) with ESMTPSA id 24B20335CA5; Fri, 3 Aug 2018 19:07:24 +0000 (UTC) To: gentoo-dev@lists.gentoo.org Cc: pr@gentoo.org, base-system@gentoo.org From: Thomas Deutschmann Subject: [gentoo-dev] News item review: OpenSSH LDAP support Openpgp: preference=signencrypt Autocrypt: addr=whissi@gentoo.org; prefer-encrypt=mutual; keydata= xsFNBFc4iggBEACg/drq2pkXyE0mO7cqfaH5UX9D2A8uaBWHcgVPZdf+bVlc7gT1b/TJgFBO yCecB1j9ReWWAE55nwraFL7+5XofRnwVzC3PglN/M/F02fudCeEkFfDtH65DZ67LV0QqXOZ7 e2aqD1NxJM1ydcehIoxgESiv8ctMCcb5Jui2A7vddxEBouQqJKDVqXqANEiBrtd0x4+noRC3 07BN80SgUiwuSJp8Y9+LSdKWGxiDxFAQygDlLWu1QIOg2PUjrM1ZtKCii8IcbnhsEPZj0jcQ f/omIHaksyfMdx6lHfSUZzzLQm41nhWlgYUxzW4D8Nh+ka51FIIWRWwNJTXQNpU8s32AT+rr K2hyNY0F+hnCRc0gUJtAACPZYNYNMlTCIb5yLKo5qoRKcHkAI3vAPEsPO8nmpYaxhI+9PwWJ 9BMaOZ0PjN5P5p0ierOd3yjuu0CIx+yirAvZMZYLx3HylFmuIke5GfcfzTuZhgRL1yoaftCH B0zTc1Rmfgk5dLOPeApgH4E8k3K7OIagzpMXjPsyvdBdI2z/j8unZNvPT5uMCAA9yP7TxijH JeNa6MZyDebzfF+QTK1tOL5pWZolCFKOULHIWK9nX2B3/JJ4r7+5wUmob5UCjKCxjK9xunY5 8TzbpaV517MaLVk1kYuFRptqwRYRJ45l1+qcYwkhUcC+qg06PQARAQABzStUaG9tYXMgRGV1 dHNjaG1hbm4gPHRob21hc0BkZXV0c2NobWFubi5iaXo+wsGABBMBCgAqAhsAAh4BAheABQkH hiUCBQsJCAcDBRUKCQgLBRYDAgEABQJXOfYKAhkBAAoJEFhJfuUdXXSlwnQQAIDi4tsMwzw5 ZY3wSs+E6c37W6i2WGgHvN6MOCxR6qthV3fVL3Q4E4EV8DoGHLLA8rs/OYbJs1aSxF8Omlys +sFiVysrMz1NNL7MGbZ/Ov1CpQqRH+6LFzVVcf3dBGqsI3kXg9aUNw2zETIj0ZyCb+VKZ3yC 1DOVFlmGjaH3DtPCJrfEGfcaweFyn2Azljaot9Dg0ExzmAqwohESQNCfSBYhUC0Mc0HiRtzd 1pTIVSmFDTToztnofsLrkMpciNGaj6D7Mm1hZpI41K4IQ6ZKcJDtWduisYNzgafVWvxtGhpY oAVWmO353WafGpbeoP6IVbHQhIcS1JuN1Sn+lM4QtV0GgSgL5j3OtKmRKNiAcZpHX800TX2V 8yUZN3dj2PMU7fzdnVM0MXNwAvOdcckco5zVExn3OHfTxyrUIyEysj01EKCQdZerWjRLnQ7B QR4ff851B+Sl92tVMPBch8WYVZNTwDzsqzKROAe2UnOCTQoVY7OXh6gRblqGuzllMyQ2bZUP V5XLKDpmysb/y43QKSY5aeO8SOKOv+b8kWAXSKzzXnteErhKeAlDm1PKuAfkjq4swOe3nci4 r1r34Ss03Xgt3cJ6Ep3K87qjlLLDwRVyGEgyDiDItHdyEyLGA44pmWLAJzttHMSt3d9/FsTI 2jwwH9GRFg3oMS9PsEURYIU8zsFNBFc4ixMBEADHHlLOkftcSY+jWd9Vb3uHpPGIpztqU/jd 4mPZvrQGIlZYMO+uGtJuDQVdohQHugNvvnr9hfBYDGlhyAYlRIGkFLdZbsim+An+FGr5+f/P tHikILc0X+FbO8bAc0OjNfUlFaTXeKdEBTtdNiO+0WYWw8CtgTEpng+178q4UnTBae1QiBh5 3YmW0H4t8HQEN/NDuVXEREQXwOtJcP9fxDVdP/ynwHbGajx+qbWaQhcHo57XXIsojH5XoEr9 yvviQW6F2tzp/i88YQ1snTVI0G39TzQO2EJbSQpYUptI0PGSUlMbkm4i46XHFO0q15aQSfAg Eh5NWWzwVel7qDO1YmXb49nhg60MmceAhk+1VGxpuA3RNl6hebYzYdQplDo8EJp1MCt+Z4Lt /tzb+smTFRMyE80QzehOSyvIWCSoGmWY4Njc90AV/P/hSXYQqbuRb3sB3PlPGda7ZwPsoh2A WZU331jeBWwB9YnUJFXP4jGbnpXjHO3+RkRL2A39ZzFki751sPpC3jv0sxJhLBOkJlC+VI/7 t5ODzWElimA8Py1VmZfd2C9eBHYU4Eeay1EN7nl75Hsj2436dH9O45uIl838KNXWd4S+7/P5 NqWir9HjnhQwbaLZdJwJKjzDE9u4JvnAP0gmkqYIaNSAM9WfCA11LavNKJjaJNCc4Zkr2+w4 OQARAQABwsF8BBgBCgAmAhsMFiEExN1pX6cTjyQqoVY4WEl+5R1ddKUFAlrJMcoFCQWj8zcA CgkQWEl+5R1ddKW+Qw/+O/saVmYgBdWDc6Y2BzaOA3kRwixAGjMU2VMO5WifG2WkA1zd0kcY 1nR5XKosu/yLWX1WWde8Wh57BDD418JYMSnNyG976OXAeAgWuzmn+xtM8Tw2bHHCNVfCEqBl yS+lAdrXR3kIiJ/Ebr5EogsEZvVW9gowPoNIrzeXFYKqGGVc5Z4dQDgVRq7jgta6LJgOVYdP z6mrLTdjo4lIlC7U/w/dPBWUd0sn8XmtU5vbAfvgf9dfZtXGYnyI64EGr6I6oVyFj8QO/Ffo G/r+glBettColfcT7IiHUMb9i11Sd/FPsL/0EIHWG+a4JTg3QzAODMHF14BLpuqDElV5HlzX e9LafsH45PH/EvAxCNuOj6P1E4bPOHwD0Fhgia7YXi2OJVes9hWy8IrEgwUEDQQIFtECxdFa nkWlKiYyb9v+nqrjtugh6s6OicvAhnvhESky/QSr747tEnOAFTNYXXtz1BRvTu/tcyBK0m51 jW1Gwax+9ooGCnNEF2KknaW/NyLo4mFdvSOJOehcwOHn73G04GHSQSs6+f8Oy7GOriQCdwao aGduFUuKKOR05r5tstZHpuIW9mlL44LXzGQEEt6INpS0ha2XD28+ojXko2hPt7YgbTqOsFnT 34feWglZ58mWE7UyHEVXYeMIWqtQptgCf5fNc36jGay6gt0aLFlgy48= Organization: Gentoo Foundation, Inc Message-ID: <653d5959-e479-81c9-e537-9ae6d857ec3a@gentoo.org> Date: Fri, 3 Aug 2018 21:07:16 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:21.0) Gecko/20100101 Thunderbird/52.9.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="H2aCxYV2X35ILdjPfsZff3PDL4NZP3Fom" X-Archives-Salt: 951e0b36-8bea-4dee-875c-31ba263130ae X-Archives-Hash: eb712725dc8a6a8ca74832ee1f74ef33 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --H2aCxYV2X35ILdjPfsZff3PDL4NZP3Fom Content-Type: multipart/mixed; boundary="OG8IZ78izrK3p5HLIB7jclZFBgeChGpRt"; protected-headers="v1" From: Thomas Deutschmann Reply-To: gentoo-dev@lists.gentoo.org To: gentoo-dev@lists.gentoo.org Cc: pr@gentoo.org, base-system@gentoo.org Message-ID: <653d5959-e479-81c9-e537-9ae6d857ec3a@gentoo.org> Subject: News item review: OpenSSH LDAP support --OG8IZ78izrK3p5HLIB7jclZFBgeChGpRt Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Hello everyone, please review the following news item. The 'xx'-es will be replaced with the publication date. --- Title: OpenSSH LDAP support Author: Thomas Deutschmann Posted: 2018-08-xx Revision: 1 News-Item-Format: 2.0 Display-If-Installed: net-misc/openssh When your sshd authenticates against LDAP, you have to migrate your current setup to a new one using sshd's "AuthorizedKeysCommand" option an= d use a wrapper provided by packages like the new sys-auth/ssh-ldap-pubkey because beginning with net-misc/openssh-7.7_p1, deprecated OpenSSH-LPK patch set no longer applies. We have created a short migration guide in the Wiki [1] for more details.= [1] https://wiki.gentoo.org/wiki/SSH/LDAP_migration --- sys-auth/ssh-ldap-pubkey isn't yet available in Gentoo repository. We will publish together with the merge of PR 9400 [1]. See also: =3D=3D=3D=3D=3D=3D=3D=3D=3D [1] https://github.com/gentoo/gentoo/pull/9400 --=20 Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 --OG8IZ78izrK3p5HLIB7jclZFBgeChGpRt-- --H2aCxYV2X35ILdjPfsZff3PDL4NZP3Fom Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQKTBAEBCgB9FiEEM8WEgsQCKS0uPFwGlwn5DDyW/8gFAltkp+RfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDMz QzU4NDgyQzQwMjI5MkQyRTNDNUMwNjk3MDlGOTBDM0M5NkZGQzgACgkQlwn5DDyW /8j/tw/9EEryZ0THATTDO79NaYd1qLokxVupivZN3d2BQCPmxHQ/g6mwmxs3UYGa wGBaL8ml60WFawXr6xaeAXN9L30qVwWjh1xks86SYoAUUVKy+5t65k3FQzbGPyfD ondyFpdq1ZLVFLkDvt9QghJdwx52WJ2t3R7prKrw5YOyxk+V8n3SD7RcR61hlYLf eJnfld3XtlJxJuhKcTf8S+Ixg+dyffWWYvbjCDKejcIRz9PTsFYulRFFcf3pm6Cd FkaQVbEgGbzOkw+3NpBUN7WvQoFiCay3sr7LAXVU9VIli3ggeLCLXRtNheceFgol mOeCHFPRVeq5Jt8M4XaBRnsOOTSu90uXHUpC/FC4zWbNQDSq/O73crYBsEkhGCYF cAp8dMLuzVK57SHnHRhSgiZ51RoDbhZmRF7LwWKS0ljPSAJDz/OjdmUwOY60/+qa wk2N/9mYspJgEqIeOAPJ14tV1aFyZdkyXOjkYVczZ/8JgWqIe0iWvQEpn8z2tkaK 2o+5GlkcvI2CjwNFi/M1j8YCf9cayyL2ALbVDwXtYOff8gzuVZ/NwZIZX/T3T2Dq 9vowp2EqZ+kO3Ury32Fd47F15GUK55mu1aXv1XiCZNYXZvLSdtnsFM06oskf8Y76 Z0MwB4GsIoA8EynSKK3e4yNfHg8hHN8otaPoJjrRE0N2QfqI004= =zK3j -----END PGP SIGNATURE----- --H2aCxYV2X35ILdjPfsZff3PDL4NZP3Fom--