[Freeipa-users] Re: Configuring Client SSH Access Problem
Simo Sorce
ssorce at redhat.com
Wed Dec 9 13:25:29 UTC 2009
On Wed, 2009-12-09 at 15:16 +0800, Michael Kang wrote:
> Does anyone know what's wrong?
>
> On Tue, Dec 8, 2009 at 12:35 PM, Michael Kang <wxiluo at gmail.com>
> wrote:
> Dear all,
>
> I had setup a FreeIPA server and a FreeIPA client. After using
> the ktutil command to import the keytab, using the following
> command on another machine to test the configuration. This
> still need passwd.
>
> IPA Server:
> kinit admin
> ipa-addservice host/ipaclient.example.com
> ipa-getkeytab -s ipaserver.example.com -p
> host/ipaclient.example.com -k /tmp/krb5.keytab
> scp /tmp/krb5.keytab
> root at ipaclient.example.com:/tmp/krb5.keytab
>
> IPA client:
> # ktutil
> ktutil: read_kt /tmp/krb5.keytab
> ktutil: write_kt /etc/krb5/krb5.keytab
> ktutil: q
> ssh admin at ipaserver.example.com (This don't need passwd.)
>
>
> PC or Mac:
> ssh admin at ipaclient.example.com (This still need passwd.)
So you did successfully kinit on the PC and on the Mac ?
You can get more info on what is going on by using ssh -vvv
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list