[Freeipa-users] Odd problem with SSSD and SSH keys
Jan Cholasta
jcholast at redhat.com
Thu Jan 16 16:52:03 UTC 2014
I think you can just comment out the whole [domain/] section in
sssd.conf and restart sssd. Does that solve the problem? If not, could
you please post your sssd.conf here?
On 16.1.2014 11:21, Bret Wortman wrote:
> Yes, though there should be only one. We ended up somehow with foo.com and .foo.com and I'm not sure how to reduce us properly to just foo.com.
>
>
> Bret Wortman
> http://bretwortman.com/
> http://twitter.com/BretWortman
>
>> On Jan 16, 2014, at 4:42 AM, Jan Cholasta <jcholast at redhat.com> wrote:
>>
>> OK, there is definitely something going on in the client then. Are there multiple domains configured in sssd.conf?
>>
>>> On 15.1.2014 13:56, Bret Wortman wrote:
>>> The fingerprint does match.
>>>
>>>> On 01/15/2014 03:33 AM, Jan Cholasta wrote:
>>>>
>>>>
>>>>> On 14.1.2014 12:34, Bret Wortman wrote:
>>>>> The key in /etc/ssh/ssh_host_rsa_key.pub matches what's in IPA for the
>>>>> host in question. It should not have had any connectivity issues; it's
>>>>> co-located with several of our IPA masters.
>>>>
>>>> Can you also check if the MD5 fingerprint reported by ssh (e.g.
>>>> 2a:1e:1c:87:33:44:fb:87:ab:6f:ee:80:d5:21:7e:ab in your original post)
>>>> matches the MD5 fingerprint for the host in IPA?
>>
>> --
>> Jan Cholasta
--
Jan Cholasta
More information about the Freeipa-users
mailing list