[Freeipa-users] error install replication

alireza baghery baghery.jone at gmail.com
Mon Feb 9 13:34:52 UTC 2015 

yes try "ssh admin at hostname" but do not work
====log secure-====

Feb  9 15:42:20 ipasrv sshd[13414]: pam_unix(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.30.160.20  user=admin
Feb  9 15:42:20 ipasrv sshd[13414]: pam_sss(sshd:auth): authentication
success; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.30.160.20 user=admin
Feb  9 15:42:20 ipasrv sshd[13414]: pam_sss(sshd:account): Access denied
for user admin: 6 (Permission denied)
Feb  9 15:42:20 ipasrv sshd[13414]: Failed password for admin from
10.30.160.20 port 52123 ssh2
Feb  9 15:42:20 ipasrv sshd[13415]: fatal: Access denied for user admin by
PAM account configuration


On Mon, Feb 9, 2015 at 3:20 PM, Martin Kosek <mkosek at redhat.com> wrote:

> Did you try the "ssh admin@`hostname`" command? It should show if ssh to
> admin
> via SSSD&FreeIPA really works.
>
> On 02/09/2015 11:18 AM, alireza baghery wrote:
> > account admin recognize and show uid gid and groups
> > On Feb 9, 2015 1:42 PM, "Martin Kosek" <mkosek at redhat.com> wrote:
> >
> >> Ok. When on the server, does
> >>
> >> # id admin
> >>
> >> or "ssh admin@`hostname`" work? Maybe it does not recognize the admin
> >> user.
> >>
> >> On 02/09/2015 09:29 AM, alireza baghery wrote:
> >>> ipasrv# Service SSSD status
> >>> sssd is runing
> >>> nevertheless i restart service sssd
> >>> but problem do not solved
> >>>
> >>> On Mon, Feb 9, 2015 at 11:19 AM, Martin Kosek <mkosek at redhat.com>
> wrote:
> >>>
> >>>> On 02/09/2015 07:42 AM, alireza baghery wrote:
> >>>>> i check on both server ssh each other's name and ssh successful and
> >>>> resolve
> >>>>> name was also correct on each server
> >>>>> but i can not login with user admin from ipareplica via ssh
> >>>> (root at ipareplica]#
> >>>>> ssh admin at ipasrv ===> failed)
> >>>>>
> >>>>> [root at ipareplica ~]# ssh ipasrv
> >>>>> root at ipasrv's password:
> >>>>> Last login: Mon Feb  9 09:49:54 2015 from 10.30.160.20
> >>>>> =====log /var/secure====
> >>>>> Feb  9 09:50:29 ipasrv sshd[12076]: Accepted password for root from
> >>>>> 10.30.160.20 port 52110 ssh2
> >>>>> Feb  9 09:50:29 ipasrv sshd[12076]: pam_unix(sshd:session): session
> >>>> opened
> >>>>> for user root by (uid=0)
> >>>>> =====
> >>>>> [root at ipasrv ~]# ssh ipareplica
> >>>>> root at ipareplica's password:
> >>>>> Last login: Mon Feb  9 09:50:20 2015 from 10.30.160.19
> >>>>>
> >>>>> ======
> >>>>> [root at ipareplica ~]# nslookup ipasrv
> >>>>> Server:         10.30.160.19
> >>>>> Address:        10.30.160.19#53
> >>>>>
> >>>>> Name:   ipasrv
> >>>>> Address: 10.30.160.19
> >>>>>
> >>>>> ========
> >>>>> [root at ipasrv ~]# nslookup ipareplica
> >>>>> Server:         127.0.0.1
> >>>>> Address:        127.0.0.1#53
> >>>>>
> >>>>> Name:   ipareplica
> >>>>> Address: 10.30.160.20
> >>>>> =========
> >>>>
> >>>> Ok, so ssh is running, you can log in with root. I think that by 99%
> >>>> chance,
> >>>> your SSSD service is not running on the IPA server. Please check if
> this
> >>>> is the
> >>>> case and if yes, please try to (re)start it. If that helped, it would
> be
> >>>> also
> >>>> useful to see *why* the SSSD is not running (crash, misconfiguration,
> >> ...)
> >>>>
> >>>> Martin
> >>>>
> >>>
> >>>
> >>>
> >>
> >>
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150209/fde9a85a/attachment.htm>

More information about the Freeipa-users mailing list