[Freeipa-users] User can't login via ssh from external
Joe Linoff
jlinoff at tabula.com
Mon Jul 23 21:55:42 UTC 2012
Hi Folks:
I managed to get the user working doing the following (all from the
CLI):
1. Deleted the user (ipa user-del new-user)
2. Re-added the user
3. Add the user to administrator groups.
4. Changed/set the password.
5. Removed the administrator privileges.
6. Attempt report ssh login.
Steps 3 and 5 are a hack but I can demonstrate that not doing them
causes the strange login problem. I can also show that the HBAC rules
are enforced properly after step 5 is run so this works for me. I just
don't understand why it is necessary.
Thank you for all of your help and suggestions.
Regards,
Joe
From: Joe Linoff
Sent: Monday, July 23, 2012 1:51 PM
To: sgallagh at redhat.com; dpal at redhat.com
Cc: freeipa-users at redhat.com; Joe Linoff
Subject: Re: [Freeipa-users] User can't login via ssh from external
Hi Stephen and Dmitri:
Thank you for the sshd GSSAPI configuration suggestion. I tried it this
morning but it didn't work. That particular user is still not able to
login. What is even more interesting is that I created a user with the
identical setup and the new user worked (i.e., they were able to ssh in
remotely).
I am really confused by this because it does not appear to be a global
setup issue like ssh. It may be some sort of HBAC rule violation or
something else equally strange. I just can't figure it out.
Can you suggest any other ways to troubleshoot this?
Thanks,
Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120723/1d0e0be5/attachment.htm>
More information about the Freeipa-users
mailing list