- Support for central management of SSH keys, BZ#803822
- Previously, it was not possible to centrally manage host and user SSH public keys. Red Hat Enterprise Linux 6.3 includes SSH public key management for Identity Management servers as a Technology Preview. OpenSSH on Identity Management clients is automatically configured to use public keys which are stored on the Identity Management server. SSH host and user identities can now be managed centrally in Identity Management.Package: sssd-1.8.0-32
- SELinux user mapping, BZ#803821
- Red Hat Enterprise Linux 6.3 introduces the ability to control the SELinux context of a user on a remote system. SELinux user map rules can be defined and, optionally, associated with HBAC rules. These maps define the context a user receives depending on the host they are logging into and the group membership. When a user logs into a remote host which is configured to use SSSD with the Identity Management backend, the user's SELinux context is automatically set according to mapping rules defined for that user. For more information, refer to http://freeipa.org/page/SELinux_user_mapping. This feature is considered a Technology Preview.Package: sssd-1.8.0-32
- SSSD support for automount map caching, BZ#761570
- In Red Hat Enterprise Linux 6.3, SSSD includes a new Technology Preview feature: support for caching automount maps. This feature provides several advantages to environments that operate with
- Cached automount maps make it easy for a client machine to perform mount operations even when the LDAP server is unreachable, but the NFS server remains reachable.
- When the
autofsdaemon is configured to look up automount maps via SSSD, only a single file has to be configured:
/etc/sssd/sssd.conf. Previously, the
/etc/sysconfig/autofsfile had to be configured to fetch autofs data.
- Caching the automount maps results in faster performance on the client and lower traffic on the LDAP server.