A question about LDAP Public Key authentication with openssh 9.8p1

Brian Candler b.candler at pobox.com
Sat Oct 12 22:13:52 AEDT 2024


On 12/10/2024 12:04, Qingtao Cao wrote:
> 4. Putting the #2 and #3 points above together, that "goto out;" line will
> make the non-local user unable to log in to the device, despite the fact
> that its RSA public key has been set up properly on the remote LDAP server

Suppose that user were allowed to log in: what UID, GID and home
directory would you expect them to be assigned?

Don't you still need something like nss_ldap or sssd to perform the 
username mapping? And if you had that, getpwnam() would not return NULL.
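
The lookup discussed in this reply can be checked directly on the device. The following is an added example, not part of the original message and not OpenSSH code: it asks NSS for an account by name and reports the UID, GID, home directory and shell that come back. `resolve_account` and `struct account_info` are hypothetical names chosen for illustration.

```c
/* Added example, not OpenSSH source: show what NSS returns for an account. */
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>

struct account_info {            /* hypothetical helper type */
    uid_t uid;
    gid_t gid;
    char  home[256];
    char  shell[256];
};

/* Returns 1 if some NSS source (files, ldap, sss, ...) resolves the name,
 * 0 if the lookup yields no entry (unknown user or lookup failure). */
int resolve_account(const char *name, struct account_info *out)
{
    struct passwd pw, *result = NULL;
    char buf[16384];             /* scratch space for the string fields */

    /* Reentrant form of getpwnam(); result stays NULL when nothing matches. */
    (void)getpwnam_r(name, &pw, buf, sizeof buf, &result);
    if (result == NULL)
        return 0;

    out->uid = pw.pw_uid;
    out->gid = pw.pw_gid;
    snprintf(out->home, sizeof out->home, "%s", pw.pw_dir ? pw.pw_dir : "");
    snprintf(out->shell, sizeof out->shell, "%s", pw.pw_shell ? pw.pw_shell : "");
    return 1;
}

int main(int argc, char **argv)
{
    /* Usage: ./a.out alice bob   (account names are supplied by the caller) */
    for (int i = 1; i < argc; i++) {
        struct account_info a;
        if (resolve_account(argv[i], &a))
            printf("%s: uid=%lu gid=%lu home=%s shell=%s\n", argv[i],
                   (unsigned long)a.uid, (unsigned long)a.gid, a.home, a.shell);
        else
            printf("%s: not resolvable through NSS (lookup returned no entry)\n",
                   argv[i]);
    }
    return 0;
}
```

An account that exists only as an LDAP entry holding a public key, with no nss_ldap or sssd mapping configured, takes the second branch.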

