[Freeipa-users] sssd 1.13.3: sss_ssh_knownhostsproxy seems to break ssh -4
Lukas Slebodnik
lslebodn at redhat.com
Fri Feb 19 16:06:01 UTC 2016
On (19/02/16 16:04), Jakub Hrozek wrote:
>On Fri, Feb 19, 2016 at 03:27:50PM +0100, Harald Dunkel wrote:
>> Hi Lukas,
>>
>> I found an ubuntu manpage saying sss_ssh_knownhostsproxy is
>> an experimental feature.
>> Would you suggest to drop it
>> in ipa-client-install?
>
>It's not experimental (at least upstream) for several years.. What sssd
>version is that?
>
@see subject :-)
>>
>> IMHO this is a pretty annoying bug. I rely upon a port
>> redirection for ssh on IPv4. For IPv6 there is no
>> redirection, but the port is blocked in the packet filter.
>
>Would it help to set lookup_family_order to ipv4_only here so that ipv6
>is not even tried (or the other way around, depending on which AF you
>want to try..)
>
I briefly look at the source code and it does not seems to read sssd.conf.
LS
More information about the Freeipa-users
mailing list