{"id":1246,"date":"2017-11-06T19:02:12","date_gmt":"2017-11-06T17:02:12","guid":{"rendered":"https:\/\/community.virtono.com\/?p=1246"},"modified":"2017-11-06T19:02:12","modified_gmt":"2017-11-06T17:02:12","slug":"set-up-password-authentication-with-active-directory-under-debian","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/","title":{"rendered":"Set up password authentication with Active Directory under Debian"},"content":{"rendered":"<p>Centralized directory services such as OpenLDAP or Active Directory (AD) simplify\u00a0<b>password management<\/b>\u00a0for the administrator and the user.\u00a0In terms of Linux servers, the aspect of SSH\u00a0<b>authentication<\/b>\u00a0via AD\u00a0is especially\u00a0interesting.\u00a0From the point of view of IT security, this solution is also advantageous:<\/p>\n<ul>\n<li>Administrators no longer need to choose and manage different passwords for each server.\u00a0You can log in to the servers with the AD password.<\/li>\n<li>The password change or deactivation of an account can be made via the AD.<\/li>\n<li>Centrally managed root passwords no longer need to be known to all administrators.<\/li>\n<\/ul>\n<p>The following article shows how to\u00a0configure authentication with an AD\u00a0on Debian 7\u00a0<i>wheezy<\/i>\u00a0via\u00a0<i>mod_pam<\/i>\u00a0with\u00a0<b>libpam-ldapd<\/b>\u00a0.\u00a0After configuration, the authentication is not only valid for\u00a0SSH\u00a0but for all services that use PAM (as well as\u00a0<i>sudo<\/i>\u00a0).\u00a0Since there are the libpam-ldapd packages for Ubuntu, the manual can also be applied to Ubuntu.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_73 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#Prerequisites_and_purpose\" title=\"Prerequisites and purpose\">Prerequisites and purpose<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#Test_connection_to_AD\" title=\"Test connection to AD\">Test connection to AD<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#Installing_libpam_ldapd\" title=\"Installing libpam ldapd\">Installing libpam ldapd<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#Configuration_of_nslcd\" title=\"Configuration of nslcd\">Configuration of nslcd<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#Configuration_of_pam_ldap\" title=\"Configuration of pam_ldap\">Configuration of pam_ldap<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#Troubleshooting\" title=\"Troubleshooting\">Troubleshooting<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#nslcd\" title=\"nslcd\">nslcd<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-password-authentication-with-active-directory-under-debian\/#pam_ldap\" title=\"pam_ldap\">pam_ldap<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Prerequisites_and_purpose\"><\/span><span id=\"Voraussetzungen_und_Zweck\" class=\"mw-headline\">Prerequisites and purpose<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The following information is needed for the setup:<\/p>\n<ol>\n<li>The LDAP URL of the AD server.<\/li>\n<li>The search or base DN the users are in.<\/li>\n<li>(recommended) A bind DN including password used to search the AD or Base DN.<\/li>\n<li>For TLS\n<ul>\n<li>The certificate file for encrypted communication (since the passwords are transmitted between server &lt;-&gt; AD during authentication, encrypted communication is strongly recommended).<\/li>\n<\/ul>\n<\/li>\n<li>On the server itself, the users who want to log in must\u00a0<b>already exist<\/b>\u00a0.<\/li>\n<\/ol>\n<p>In addition, briefly summarized the objectives of the following instructions:<\/p>\n<ul>\n<li>Password authentication of users via the passwords stored in the AD.<\/li>\n<li>Other things, such as groups, home paths, etc., are\u00a0<b>not<\/b>\u00a0retrieved\u00a0from the AD.<\/li>\n<li>The user\u00a0<i>root<\/i>\u00a0should still be able to log on with the local password.<\/li>\n<\/ul>\n<p><b>Attention: Configurations on PAM modules may mean that you can no longer log in \/ authenticate.\u00a0Always have a root terminal ready for emergencies!<\/b><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Test_connection_to_AD\"><\/span><span id=\"Verbindung_zum_AD_testen\" class=\"mw-headline\">Test connection to AD<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The first step is to test the connection between server &lt;-&gt; AD.\u00a0When using LDAP with START_TLS, communication occurs over port 389:<\/p>\n<pre># telnet ldap.example.com 389\r\nTrying ...\r\nConnected to ldap.example.com\r\nEscape character is '^]'.\r\n<\/pre>\n<p>Then an actual LDAP query is performed via an ldapsearch (for an encrypted connection &#8211; parameter &#8216;-ZZ&#8217; &#8211;\u00a0the certificate\u00a0must be\u00a0configured\u00a0in the file\u00a0<i>\/etc\/ldap.conf<\/i>\u00a0):<\/p>\n<pre>ldapsearch -x -H ldap: \/\/ldap.example.com -D \"CN = Georg Sch\u00f6nberger, OU = Users, DC = example, DC = com\" \\\r\n-b OU = Users, DC = example, DC = com -W -ZZ sAMAccountName = gschoenberger\r\n<\/pre>\n<h2><span class=\"ez-toc-section\" id=\"Installing_libpam_ldapd\"><\/span><span id=\"Installation_von_libpam-ldapd\" class=\"mw-headline\">Installing libpam ldapd<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The central component of the Debian server is the package\u00a0libpam-ldapd\u00a0(packages.debian.org).\u00a0This package also\u00a0installs the nslcd\u00a0(packages.debian.org)\u00a0daemon that\u00a0handles\u00a0communication between server &lt;-&gt; AD.<\/p>\n<pre># apt-get install libpam-ldapd\r\n[...]\r\nThe following NEW packages will be installed:\r\n  bind9-host geoip-database ldap-utils libbind9-80 libcap2 libdns88 libgeoip1 libisc84 libisccc80 libisccfg82\r\n liblwres80 libnss-ldapd libpam-ldapd libxml2 nscd nslcd sgml-base xml-core\r\n\r\n<\/pre>\n<p>If you want to run the package configuration again to adjust values, just call<\/p>\n<pre># dpkg-reconfigure nslcd\r\n<\/pre>\n<p>on.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Configuration_of_nslcd\"><\/span><span id=\"Konfiguration_von_nslcd\" class=\"mw-headline\">Configuration of nslcd<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The following map and filter entries, binddn and bindpw, and TLS options must be\u00a0added to\u00a0the file\u00a0<i>\/etc\/nslcd.conf<\/i>\u00a0:<\/p>\n<pre>[...]\r\nbase ou = Users, dc = example, dc = com\r\nmap passwd uid sAMAccountName\r\nfilter passwd (objectClass = user)\r\n\r\n# The LDAP protocol version to use.\r\nldap_version 3\r\n\r\n# The DN to bind with normal lookups.\r\nbinddn cn = reader, dc = example, dc = com\r\nbindpw secret\r\n\r\n[...]\r\n\r\n# SSL options\r\nssl start_tls\r\ntls_reqcert demand\r\ntls_cacertfile \/etc\/ssl\/certs\/Example-com-cacert.pem\r\n[...]\r\n<\/pre>\n<p>In the file\u00a0<i>\/etc\/nslcd.conf<\/i>\u00a0are, as shown above, the settings made the package installation.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Configuration_of_pam_ldap\"><\/span><span id=\"Konfiguration_von_pam_ldap\" class=\"mw-headline\">Configuration of pam_ldap<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><b>Basically, the configuration of the package installation is already suitable for AD authentication<\/b>\u00a0.\u00a0However, users can authenticate with the default configuration using both AD \/ LDAP and local password.\u00a0In order to\u00a0no longer allow\u00a0local passwords for users other than\u00a0<i>root<\/i>\u00a0, the following change must be made to the file\u00a0<i>\/etc\/pam.d\/common-auth.conf<\/i>\u00a0.<\/p>\n<p><b>Attention:<\/b>\u00a0After this change, only\u00a0<i>root can use<\/i>\u00a0its local password.\u00a0All other users rely on the AD and a working connection between server &lt;-&gt; AD:<\/p>\n<pre># vi \/etc\/pam.d\/common-auth\r\n[...]\r\nauth sufficient pam_ldap.so minimum_uid = 1000\r\nauth requisite pam_succeed_if.so uid eq 0\r\nauth sufficient pam_unix.so nullok_secure\r\n# here's the fallback if no module succeeds\r\n[...]\r\n<\/pre>\n<p>After that, for all users with uid&gt; 1000, an AD login authentication is sufficient.\u00a0The local passwords do not work anymore!<\/p>\n<p>The configuration of AD authentication is completed after the above steps.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Troubleshooting\"><\/span><span id=\"Fehleranalyse\" class=\"mw-headline\">Troubleshooting<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"nslcd\"><\/span><span id=\"nslcd\" class=\"mw-headline\">nslcd<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The\u00a0<i>nslcd<\/i>\u00a0daemon\u00a0provides Debus mode for analyzing LDAP authentication:<\/p>\n<pre># nslcd -d\r\nnslcd: DEBUG: add_uri (ldap: \/\/ldap.example.com)\r\nnslcd: DEBUG: ldap_set_option (LDAP_OPT_X_TLS_REQUIRE_CERT, 2)\r\n[...]\r\nnslcd: accepting connections\r\n<\/pre>\n<p>If the parameter is\u00a0<code>-d<\/code>specified more often, the debug level of\u00a0<i>nslcd increases<\/i>\u00a0.<\/p>\n<p>Something is misleading the error message<\/p>\n<pre>DEBUG: failed to bind to ldap server ldap: \/\/ldap.example.com: Invalid credentials: 80090308:\r\nLdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data 52e, v23f0\r\n<\/pre>\n<p>which also occurs when a user account does not yet exist on the server.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"pam_ldap\"><\/span><span id=\"pam_ldap\" class=\"mw-headline\">pam_ldap<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>If you\u00a0<i>want<\/i>\u00a0to customize\u00a0the pam rules in the file\u00a0<i>\/etc\/pam.d\/common-auth.conf<\/i>\u00a0, you\u00a0<i>&#8216;ll get<\/i>\u00a0the error\u00a0in the log file\u00a0<i>\/var\/log\/auth.log<\/i><\/p>\n<pre>pam_succeed_if (sshd: auth): incomplete condition detected<\/pre>\n<p>if the\u00a0<i>pam_succeed_if.so<\/i>\u00a0expressions\u00a0<i>are<\/i>\u00a0not correct.<\/p>\n<pre>\r\n\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Centralized directory services such as OpenLDAP or Active Directory (AD) simplify\u00a0password management\u00a0for the administrator and the user.\u00a0In terms of Linux servers, the aspect of SSH\u00a0authentication\u00a0via AD\u00a0is especially\u00a0interesting.\u00a0From the point of view of IT security, this solution is also advantageous: Administrators no longer need to choose and manage different passwords for<\/p>\n","protected":false},"author":3,"featured_media":1247,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[3],"tags":[],"class_list":["post-1246","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorial-how-to"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/password-wide.jpeg?fit=623%2C425&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-k6","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":3330,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-ssh-keys-on-ubuntu-20-04\/","url_meta":{"origin":1246,"position":0},"title":"How to Set Up SSH Keys on Ubuntu 20.04","author":"George B.","date":"April 27, 2023","format":false,"excerpt":"In this tutorial, we will learn how to set up SSH keys on Ubuntu 20.04. Secure Shell (SSH) is a protocol used to securely connect to a remote server or computer. It provides a secure way to transfer files, execute remote commands, and manage remote systems. SSH keys are a\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1345,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/samba-sharing-with-authentication\/","url_meta":{"origin":1246,"position":1},"title":"Samba sharing with authentication","author":"Shreyash Sharma","date":"February 22, 2018","format":false,"excerpt":"Complementing a simple Samba release, this article shows how to\u00a0create a username and password based Samba share\u00a0using a\u00a0Debian\u00a08 based system.\u00a0Ubuntu\u00a016.04 and Windows 10 are used\u00a0as client software for testing the connection\u00a0. \u00a0 Installation and configuration on the Debian server These following sections show the necessary configuration steps on the Debian\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/02\/Samba-Schema.gif?fit=450%2C300&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1158,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/openssh-public-key-authentication-under-ubuntu\/","url_meta":{"origin":1246,"position":2},"title":"OpenSSH public key authentication under Ubuntu","author":"Shreyash Sharma","date":"October 24, 2017","format":false,"excerpt":"This article shows how\u00a0SSH access is\u00a0configured\u00a0for\u00a0public-key\u00a0authentication\u00a0.\u00a0To do so, a key pair is created on the client, the public part of the keys are transferred to the server, and the server is set up for key authentication.\u00a0The user can log on to the server without a login password, only the password\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3595,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/how-to-protect-your-server-against-brute-force-attacks\/","url_meta":{"origin":1246,"position":3},"title":"How to Protect Your Server Against Brute Force Attacks","author":"George B.","date":"June 23, 2023","format":false,"excerpt":"Introduction Brute force attacks are one of the most common threats that server administrators face. This guide is designed to provide you with the knowledge and strategies you need to protect your server from brute force attacks. What is a Server Brute Force Attack A server brute force attack is\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Protect-Your-Server-Against-Brute-Force-Attacks.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Protect-Your-Server-Against-Brute-Force-Attacks.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Protect-Your-Server-Against-Brute-Force-Attacks.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1149,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-login-under-debian-with-fail2ban\/","url_meta":{"origin":1246,"position":4},"title":"SSH Login under Debian with fail2ban","author":"Shreyash Sharma","date":"October 22, 2017","format":false,"excerpt":"The tool\u00a0fail2ban\u00a0,\u00a0written in Python,\u00a0aims to secure server services against DoS attacks.\u00a0It checks log files for predefined patterns and temporarily blocks the corresponding IP addresses if the failed access is repeated.\u00a0This article shows you how to back up a Debian-based server with fail2ban.\u00a0The deployed version of fail2ban is\u00a00.9.6-2\u00a0under\u00a0Debian 9.1\u00a0. Problem In\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/fail2ban-logo2.png?fit=459%2C441&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1157,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-key-login\/","url_meta":{"origin":1246,"position":5},"title":"SSH Key Login","author":"Shreyash Sharma","date":"October 24, 2017","format":false,"excerpt":"Note:\u00a0This article applies to older SSH versions (SSH version 1).\u00a0For the latest information on SSH key logins, see\u00a0OpenSSH Public Key Authentication under Ubuntu\u00a0. SSH Config for SSH Key customize On the remote server, the \/ Etc \/ ssh \/ sshd_config to be edited.\u00a0Change the following values: current: RSAAuthentification yes New:\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/public-key-auth-workflow.png?fit=632%2C696&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/public-key-auth-workflow.png?fit=632%2C696&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/public-key-auth-workflow.png?fit=632%2C696&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1246","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=1246"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1246\/revisions"}],"predecessor-version":[{"id":1248,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1246\/revisions\/1248"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/1247"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=1246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=1246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=1246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}