ssh-ldap-helper man page
ssh-ldap-helper — sshd helper program for ldap support
|ssh-ldap-helper|| [-devw] [-f |
ssh-ldap-helper is used by sshd(1) to access keys provided by an LDAP. ssh-ldap-helper is disabled by default and can only be enabled in the sshd configuration file
/etc/ssh/sshd_config by setting AuthorizedKeysCommand to “/usr/libexec/openssh/ssh-ldap-wrapper”.
ssh-ldap-helper is not intended to be invoked by the user, but from sshd(8) via ssh-ldap-wrapper.
The options are as follows:
- Set the debug mode; ssh-ldap-helper prints all logs to stderr instead of syslog.
- Implies -w; ssh-ldap-helper halts if it encounters an unknown item in the ldap.conf file.
- ssh-ldap-helper uses this file as the ldap configuration file instead of /etc/ssh/ldap.conf (default).
- ssh-ldap-helper prints out the user's keys to stdout and exits.
- Implies -d; increases verbosity.
- ssh-ldap-helper writes warnings about unknown items in the ldap.conf configuration file.
sshd(8), sshd_config(5), ssh-ldap.conf(5),
ssh-ldap-helper first appeared in OpenSSH 5.5 + PKA-LDAP .