On ke, 05 joulu 2018, tarak sinha wrote:
Yes, I can. thanks alex for your help. Let me know what needs to be done.
[r...@deploy1.ops tsinha]# kvno -S host mstageegw3.example.com
kvno: invalid option -- S
usage: kvno [-4 | [-c ccache] [-e etype] [-k keytab]] service1 service2 ...
[r...@deploy1.ops tsinha]#
What OS is this?
Anyway, what happens if you get
kvno host/mstageegw3.example.com
Also, please show
ipa host-show --all mstageegw3.example.com
On Wed, Dec 5, 2018 at 4:28 PM Alexander Bokovoy <aboko...@redhat.com>
wrote:
On ke, 05 joulu 2018, tarak sinha via FreeIPA-users wrote:
>Hi Guys,
>
>I am having issue to ssh with one host with SSO, all the users are able to
>ssh without asking password but only my userid having issue with asking
>password, I have tried to do kdestroy and did kinit again with userid
along
>with REALM but did not work. if you have any suggestions please let me
know
>to check further.
>
>Here it is output for ssh connection which asking password,
>----snip----
>
>debug1: Authentications that can continue:
>publickey,gssapi-keyex,gssapi-with-mic,password
>debug1: Next authentication method: gssapi-with-mic
>debug1: Unspecified GSS failure. Minor code may provide more information
>Server not found in Kerberos database
^^ this is your problem.
Can you show output of
kvno -S host mstageegw3.example.com
on your client from where you do SSH?
>debug1: Unspecified GSS failure. Minor code may provide more information
>Server not found in Kerberos database
>debug1: Unspecified GSS failure. Minor code may provide more information
>Server not found in Kerberos database
>debug2: we did not send a packet, disable method
>debug1: Next authentication method: publickey
>debug1: Offering public key: /uhome/aalevoor/.ssh/id_rsa
>debug2: we sent a publickey packet, wait for reply
>debug1: Authentications that can continue:
>publickey,gssapi-keyex,gssapi-with-mic,password
>debug1: Trying private key: /uhome/aalevoor/.ssh/id_dsa
>debug2: we did not send a packet, disable method
>debug1: Next authentication method: password
>aalev...@mstageegw3.example.com's password:
>debug2: we sent a password packet, wait for reply
>debug1: Authentication succeeded (password).
>debug1: channel 0: new [client-session]
>debug2: channel 0: send open
>debug1: Entering interactive session.
>debug2: callback start
>debug2: client_session2_setup: id 0
>debug2: channel 0: request pty-req confirm 0
>debug2: channel 0: request shell confirm 0
>debug2: fd 4 setting TCP_NODELAY
>debug2: callback done
>debug2: channel 0: open confirm rwindow 0 rmax 32768
>debug2: channel 0: rcvd adjust 2097152
>Last login: Wed Dec 5 01:53:06 2018 from 10.22.6.70
>
>--
>
>*Thanks,*
>
>*TS*
>_______________________________________________
>FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>To unsubscribe send an email to
freeipa-users-le...@lists.fedorahosted.org
>Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
>List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
>List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
*Thanks,*
*Tarak Nath Sinha*
*Mobile: **+91 8197522750*
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
