[Freeipa-users] Using SSH from Active Directory machines for FreeIPA clients with kerberos tickets
Alexander Bokovoy
abokovoy at redhat.com
Fri Sep 11 20:24:52 UTC 2015
On Fri, 11 Sep 2015, Morgan Marodin wrote:
>Hi everyone.
>
>I've seen these guides:
>https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/trust-ssh.html
>https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/trust-ssh.html
>https://www.dalemacartney.com/2013/08/30/single-sign-on-sso-with-secure-shell-ssh/
>
>But I've not been able to access via ssh to a freeipa client with kerberos
>tickets.
>I've also tried to install MIT kerberos to my windows 8.1, but doesn't
>works too.
This is not required.
What Windows 8.1 version you have? Is it a Pro edition (the other
editions don't join AD)?
>The target freeipa client is a RHEL 6.7 like distribution.
>
>Naturally trying with AD username (name.surname at mydomain.com) and password
>is ok.
>
>Do you have any suggestions for this problem?
Enable DEBUG3 level logging in sshd_config for SSH server, attempt to
login from Windows client and show the logs around 'userok' in the
resulting debug output.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list