I am trying to figure out how I can retain personal SSH keys (probably the most important part, or at least important to have an alternative connection method) while also having modern tools like SSO or at least SAML, some way to federate to different ADs.

I know there are a few things out there like Authentik and Authelia, but not 100% sure Authentik covers those needs above. Does anyone have experience with these or other modern LDAP alternatives that work well with Linux?

  • astraeus@programming.dev (OP) · 2 years ago

    Yeah, users in AD and the FreeIPA replacement essentially handles the SSH key management + middle-mans the auth to Linux servers.

      • astraeus@programming.dev (OP) · 2 years ago

        I think my main concern is FreeIPA’s longevity. As a tool, it’s rather outdated even in its latest version. It works, but the upkeep on it is not quite robust. Its implementation of AD standards is also limited. This is why I’m looking for an alternative to FreeIPA.