[Freeipa-users] sssd 1.13.3: sss_ssh_knownhostsproxy seems to break ssh -4
Jakub Hrozek
jhrozek at redhat.com
Fri Feb 19 15:04:15 UTC 2016
On Fri, Feb 19, 2016 at 03:27:50PM +0100, Harald Dunkel wrote:
> Hi Lukas,
>
> I found an ubuntu manpage saying sss_ssh_knownhostsproxy is
> an experimental feature.
> Would you suggest to drop it
> in ipa-client-install?
It's not experimental (at least upstream) for several years.. What sssd
version is that?
>
> IMHO this is a pretty annoying bug. I rely upon a port
> redirection for ssh on IPv4. For IPv6 there is no
> redirection, but the port is blocked in the packet filter.
Would it help to set lookup_family_order to ipv4_only here so that ipv6
is not even tried (or the other way around, depending on which AF you
want to try..)
More information about the Freeipa-users
mailing list