Alexander Bokovoy

@abbra
155 Followers
71 Following
361 Posts
Samba, FreeIPA, SSSD, and a lot of other topics people remember when office infrastructure doesn't work.
Show threadAlexander BokovoyMar 10

Demo 2: login with SSH key, use Kerberos ticket for access of FreeIPA management interface. Lifetime was set to 2 minutes to help my slow and errorneous typing.

https://youtu.be/Bx7_ZJskofo

ipa openssh s4u demo 2

YouTube
Show threadAlexander BokovoyMar 10

COPR repo for Fedora 43-45: dnf copr enable dbelyavs/openssh-gss-s4u

Demo 1: login with SSH key, use Kerberos ticket for sudo authentication. Lifetime set to 1 minute to help with the demo.

https://youtu.be/hlxFCs_RIRE

ipa openssh s4u demo

YouTube
Alexander BokovoyMar 10
Got some progress with protocol transition in #OpenSSH: if you login with any authentication mechanism that does not lead to creation of #Kerberos tickets, now you can configure your server to generate one on the user's behalf. This uses Services For User (S4U) extensions available in Active Directory and #FreeIPA implementations. There are few issues we still trying to address (and bugs found during this development) but it looks promising.

Couple demos in the next toots:
Alexander BokovoyFeb 1
Identity and Access Management devroom #iam at #FOSDEM started with the full room already. We are also tracking air quality in the room and try to ventilate regularly. Thanks to https://fosdem26-air.autkin.net/ project for that!
FOSDEM'26 Air quality monitoring | FOSDEM'26 Air quality monitoring

FOSDEM'26 Air quality monitoring | FOSDEM'26 Air quality monitoring | |

Alexander BokovoyJan 31
#FreeIPA at #FOSDEM :)
Alexander BokovoyJan 31
We are almost ready with #FreeIPA #SSSD #Keycloak stand at #FOSDEM. Come to visit us at building K!
Alexander BokovoyJan 29
The new CentOS branding is cute. #centosconnect
Alexander BokovoyJan 28

About to leave to Brussels for #CentOSConnect and #FOSDEM. We will have a #FreeIPA / #SSSD / #Keycloak stand on Saturday (at building K level 1 group C) and Identity and Access Management devroom (H.2214) on Sunday.

Come to see and discuss!

Alexander BokovoyJan 12
From the spammers who sell "... attendees list" got today "FOSDEM 2026 attendees list" service proposal. Went straight to spam folder.
Alexander BokovoyDec 12

#FOSDEM #IAM Full program of the FOSDEM 2026 Identity and Access Management devroom is now available. Come to Brussels on Sunday, February 1st, 2026 to join us at room H.2214 from 9:00 to 17:00!

https://fosdem.org/2026/schedule/track/identity-and-access-management/

FOSDEM 2026 - Identity and Access Management