Feature #9399
closedpkg support for SSH + sudo authentication via LDAP
100%
Description
Hi Folks,
You have a very usable and user-friendly webUI configuration tool for setting up LDAP authorization for webUI access. The integration of LDAP authorization to SSH and sudo is, however, more difficult than would be typical on a barebones server environment, for two reasons:
1) missing "nss_ldap" in the pfSense pkg repository. This package is required for the LDAP-specific modifications in /etc/nsswitch.conf to work. Importing the package file manually works, but that's something we typically try to avoid in usual practice.
2) 'sudo' package in pfSense repository does not have LDAP support compiled in. Again, we can use our own local packages at need, but it would be nice to have a pfSense-sanctioned package available, especially the pfSense-customized version. Perhaps an alternate pfSense-pkg-sudo-ldap package could be created?
Thanks for your consideration on these items!