Hi guys,

We have a setup where the FreeIPA server also hosts the user's homedirs. These 
are shared via NFSv4 and are automounted when a user logs in.

[root@adm-001 ~]# cat /etc/exports
/data/home      
172.16.216.0/24(rw,no_root_squash,sec=sys:krb5:krb5i:krb5p,fsid=1338)

[root@adm-001 ~]# ipa automountkey-show
Location: default
Map: auto.home
Key: *
  Key: *
  Mount information: -fstype=nfs4,rw,sec=krb5,intr,hard 
adm-001.domain:/data/home/&


While normal ssh logins work (you ssh to the client and put in your password), 
passwordless ssh does not work. It's obvious that passwordless logins do not 
activate the kerberos ticket function, but that results in the users being 
unable to read their own files in their homedirs.

For now we ask users to not do passwordless login, but could we make the latter 
work?

TIA,

/tony


-- 
Tony Albers
Systems administrator, IT-development
Royal Danish Library, Victor Albecks Vej 1, 8000 Aarhus C, Denmark.
Tel: +45 2566 2383 / +45 8946 2316
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to