[Freeipa-users] Re: Configuring Client SSH Access Problem

Michael Kang wxiluo at gmail.com
Thu Dec 10 03:26:57 UTC 2009 

Dear all,

There are three virtual machines:
Name:   ipa.aragon.local
Address: 192.168.8.88

Name:   client.aragon.local
Address: 192.168.3.33

Name:   node.aragon.local
Address: 192.168.4.44

DNS is working well(Both A and PTR records)

On Wed, Dec 9, 2009 at 8:30 PM, Dan Scott <danieljamesscott at gmail.com>wrote:

> Generally, I've found that this is caused by incorrect DNS records.
> Make sure that your A and PTR records are correct for this host.
>
> One other thing, you should be able to run ipa-getkeytab directly on the
> client.
>
> Hope this helps,
>
> Dan Scott
> http://danieljamesscott.org
>
> On Wed, Dec 9, 2009 at 02:16, Michael Kang <wxiluo at gmail.com> wrote:
> > Does anyone know what's wrong?
> >
> > On Tue, Dec 8, 2009 at 12:35 PM, Michael Kang <wxiluo at gmail.com> wrote:
> >>
> >> Dear all,
> >>
> >> I had setup a FreeIPA server and a FreeIPA client. After using
> the ktutil
> >> command to import the keytab, using the following command on another
> machine
> >> to test the configuration. This still need passwd.
> >>
> >> IPA Server:
> >>>
> >>> kinit admin
> >>> ipa-addservice host/ipaclient.example.com
> >>> ipa-getkeytab -s ipaserver.example.com -p host/ipaclient.example.com-k
> >>> /tmp/krb5.keytab
> >>> scp /tmp/krb5.keytab root at ipaclient.example.com:/tmp/krb5.keytab
> >>
> >> IPA client:
> >>>
> >>> # ktutil
> >>> ktutil: read_kt /tmp/krb5.keytab
> >>> ktutil: write_kt /etc/krb5/krb5.keytab
> >>> ktutil: q
> >>
> >> ssh admin at ipaserver.example.com (This don't need passwd.)
> >>
> >> PC or Mac:
> >> ssh admin at ipaclient.example.com (This still need passwd.)
> >>
> >> What should I do?
> >>
> >> Best Regards,
> >> Michael Kang
> >> --
> >> Michael Kang(康上明学)
> >> There is a giant asleep within every man. When the giant
> awakens,miracles
> >> happen.
> >>
> >> Personal blog: http://ufusion.org - United Fusion
> >
> >
> >
> > --
> > Michael Kang(康上明学)
> > There is a giant asleep within every man. When the giant awakens,miracles
> > happen.
> >
> > Personal blog: http://ufusion.org - United Fusion
> >
> > _______________________________________________
> > Freeipa-users mailing list
> > Freeipa-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-users
> >
>



-- 
Michael Kang(康上明学)
There is a giant asleep within every man. When the giant awakens,miracles
happen.

Personal blog: http://ufusion.org - United Fusion
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20091210/8a3a34d6/attachment.htm>

More information about the Freeipa-users mailing list