[Freeipa-users] Free IPA Openssh client install error
Sumit Bose
sbose at redhat.com
Wed Dec 14 15:39:24 UTC 2016
On Wed, Dec 14, 2016 at 03:18:52PM +0000, James Harrison wrote:
> Hi,I installed the freeipa client on an Ubuntu Precise system (12.04)
>
> I get the following message at the end of the install:
> "Installed OpenSSH server does not support dynamically loading authorized user keys. Public key authentication of IPA users will not be available."
>
> Any clues? Is there a fix?
Either OpenSSH on Ubuntu 12.04 does not support the
AuthorizedKeysCommand sshd option or the checks ipa-client-install is
trying do not match.
ipa-client-install calls
sshd -t -f /dev/null -o AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys -o AuthorizedKeysCommandUser=nobody
to check if sshd supports the option. It also tries
'AuthorizedKeysCommand' with 'AuthorizedKeysCommandRunAs' and
'PubKeyAgent' with 'PubKeyAgentRunAs'.
Do you see related messages in /var/log/ipaclient-install.log ?
HTH
bye,
Sumit
>
> Best regards,James Harrison
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list