On Thu, Jun 21, 2018 at 12:13:03PM -0000, Bart via FreeIPA-users wrote: > Or it is not solved yet :). > > After the update my sssd versions are: > server: 1.16.1-8 > client: 1.16.1-7 > > Public keys get updated on the client host but ONLY after I log in to the > server. Even though I set entry_cache_timeout = 120 literally everywhere (on > client and server), client still allows to log in with ssh key after it was > deleted using FreeIPA web ui.
Did you lower memcache_timeout as well? This should not be related but worth a try. Can you send me the SSSD logs from the IPA client and server which cover the call of sss_ssh_authorizedkeys at the time you would expect that the cached entries are expired and fresh data should be read from the server? bye, Sumit > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/[email protected]/message/3TEVVOYFSZK46QQ7RCVXR7H24KWCBK2S/ _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/message/KZXGLGDQWYGWQNIVIDTG4XP5TFMDKIKP/
