[Freeipa-devel] sshd, gssapi postinstall cleanup
Karl MacMillan
kmacmill at redhat.com
Wed Jan 2 21:46:20 UTC 2008
On Wed, 2008-01-02 at 16:21 -0500, John Dennis wrote:
> I lost my ability to ssh into one of the boxes I had IPA installed on.
> I'm not currently testing IPA on that box anymore so I disabled many of
> the IPA services and reset my /etc/krb5.conf file back to it's original
> content (pointing to our corporate KDC). When I tried to ssh in the
> connection would appear to hang, so I ran ssh in verbose mode and
> discovered it was hanging while attempting GSSAPI authentication. I'm
> perplexed as to why and I'm wondering if something in the IPA
> installation might have done something (I believe each IPA rpm had been
> installed, but only the server install script had been run). Here are
> the relevant facts:
>
I've seen problems when I have tickets in my cache but the KDC is not
reachable - this is on the client side. Worst part is that this makes it
impossible to ssh to *any* host, which makes it confusing to debug (it's
clear why, but it still manages to confuse me).
Doesn't seem like this is your issue, but I thought I would mention it
anyway.
Karl
More information about the Freeipa-devel
mailing list