Hi, the attached patch fixes <https://fedorahosted.org/freeipa/ticket/3705>.
Honza -- Jan Cholasta
>From 873beb4d2ce268906f808f71af32919dec30928b Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Tue, 25 Jun 2013 08:41:46 +0000 Subject: [PATCH] Do not skip SSSD known hosts in ipa-client-install --ssh-trust-dns. https://fedorahosted.org/freeipa/ticket/3705 --- ipa-client/ipa-install/ipa-client-install | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index a5ba46c..b188161 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -1212,12 +1212,12 @@ def configure_ssh_config(fstore, options): 'PubkeyAuthentication': 'yes', } + if options.sssd and file_exists(SSH_PROXYCOMMAND): + changes['ProxyCommand'] = '%s -p %%p %%h' % SSH_PROXYCOMMAND + changes['GlobalKnownHostsFile'] = SSH_KNOWNHOSTSFILE if options.trust_sshfp: changes['VerifyHostKeyDNS'] = 'yes' changes['HostKeyAlgorithms'] = 'ssh-rsa,ssh-dss' - elif options.sssd and file_exists(SSH_PROXYCOMMAND): - changes['ProxyCommand'] = '%s -p %%p %%h' % SSH_PROXYCOMMAND - changes['GlobalKnownHostsFile'] = SSH_KNOWNHOSTSFILE change_ssh_config(ssh_config, changes, ['Host']) root_logger.info('Configured %s', ssh_config) -- 1.8.2.1
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel