SSH public key authentication in an Active Directory environment

Storing SSH public keys in Windows Server Active Directory gives you a single location where you can manage keys instead of on all those servers. Win-win! Here is how to store user SSH keys in Active Directory for SSH authentication

With Microsoft having released their OpenSSH port for Windows Server, and you want to support ssh for your users, it's recommended to enable ssh key authentication rather than a username and password combination. If you don't want to add a .ssh/auhtorized_keys file for all your users (daunting task with tens / hundreds / thousands of servers), you can easily extend your Active Directory schema to store a public key.

Storing SSH public keys in Active Directory gives you a single location where you can manage keys instead of on all those tens / hundreds / thousands of servers. Win-win!

Here is how to store user SSH keys in Active Directory for SSH authentication.