Some of my users have expressed concerns about moving to FreeIPA because they 
prefer to use SSH. The main reason behind that is because they can use agent 
forwarding and only have to sign on once. I did find information on forwardable 
Kerberos tickets, kinit -f. Has anyone used this in place of SSH keys, or do 
you have other suggestions? There are a few service accounts scripted to work 
with SSH keys so we may have to leave a few local accounts on the servers. I 
don't particularly like that idea.

Sara Kline
System Administrator
Transaction Network Services, Inc
4501 Intelco Loop, Lacey WA 98503
Wk: (360) 493-6736
Cell: (360) 280-2495

This e-mail message is for the sole use of the intended recipient(s)and may
contain confidential and privileged information of Transaction Network Services.
Any unauthorised review, use, disclosure or distribution is prohibited. If you
are not the intended recipient, please contact the sender by reply e-mail and 
destroy all copies of the original message.

Freeipa-users mailing list

Reply via email to