[Freeipa-users] sssd and ipa+ad trust, ssh login errors
l at avc.su
l at avc.su
Fri Jul 3 16:52:12 UTC 2015
OK, seems like I've found the cause.
/etc/sssd/sssd.conf
default_domain_suffix = zone.local
If I comment this out, I can login using password or publickey with ipa
user and using password with AD user, but I need to specify the domain
component.
Found this thread:
https://www.redhat.com/archives/freeipa-users/2015-February/msg00371.html
And this bug: https://fedorahosted.org/sssd/ticket/2569
Since it's fixed, it should appear in sssd 1.13 release?
l at avc.su писал 2015-07-03 18:29:
> Hello.
> I've encountered an issue with ssh login to freeipa clients in trusted
> environment.
> getent/id commands working as expected, but password/publickey auth
> for user from ipa or AD domain does not work (gssapi works, by the
> way)
> Seems like sss_ssh_authorizedkeys not working properly in this case.
More information about the Freeipa-users
mailing list