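#
# OpenSSH LDAP Public Key Schema
# Used by: SSH servers, Gitea, GitLab CE (with LDAP sync)
#
# OID: 1.3.6.1.4.1.24552.500.1.1 (OpenSSH project registered OID)
#
# Installation:
#   Include in slapd.conf or convert to LDIF for cn=config
#
# Usage:
#   Add 'ldapPublicKey' objectClass to user entries
#   Add 'sshPublicKey' attribute with public key(s)
#
# SSH Server Config (/etc/ssh/sshd_config):
#   AuthorizedKeysCommand /usr/local/bin/ldap-ssh-keys.sh
#   AuthorizedKeysCommandUser nobody
#
# Security notes:
#   - Write access to sshPublicKey is equivalent to login access as that
#     entry's user on every host that trusts this directory. Restrict
#     writes with directory ACLs and audit changes to the attribute.
#   - The attribute is a plain octet string (see SYNTAX below), so the
#     directory does not validate that a value is a well-formed key.
#     sshd parses whatever the AuthorizedKeysCommand prints as
#     authorized_keys lines, including any leading options field.
#   - sshd requires the AuthorizedKeysCommand program to be given as an
#     absolute path, owned by root and not writable by group or others.
#   - sshd_config(5) recommends a dedicated account with no other role on
#     the host for AuthorizedKeysCommandUser; 'nobody' is often shared
#     with other services.
#   - The lookup script should query the directory over TLS (ldaps:// or
#     StartTLS) with certificate verification, since its output decides
#     who may log in.
#   - Keys from AuthorizedKeysCommand are accepted in addition to
#     AuthorizedKeysFile. Removing a key from LDAP does not revoke a copy
#     in a local authorized_keys file unless AuthorizedKeysFile is set
#     to 'none'.
#

# One attribute value per public key; the attribute is multi-valued
# because SINGLE-VALUE is not specified.
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 is Octet String.
attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13
    NAME 'sshPublicKey'
    DESC 'OpenSSH Public Key'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

# AUXILIARY: attached to existing user entries alongside their structural
# class. Both attributes are optional (MAY), so carrying the objectClass
# does not by itself mean the entry has a key.
objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0
    NAME 'ldapPublicKey'
    DESC 'OpenSSH LDAP Public Key Objectclass'
    SUP top AUXILIARY
    MAY ( sshPublicKey $ uid ) )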