Some of my users have expressed concerns about moving to FreeIPA because they prefer to use SSH. The main reason behind that is because they can use agent forwarding and only have to sign on once. I did find information on forwardable Kerberos tickets, kinit -f. Has anyone used this in place of SSH keys, or do you have other suggestions? There are a few service accounts scripted to work with SSH keys so we may have to leave a few local accounts on the servers. I don't particularly like that idea.
Sara Kline System Administrator Transaction Network Services, Inc 4501 Intelco Loop, Lacey WA 98503 Wk: (360) 493-6736 Cell: (360) 280-2495 ________________________________ This e-mail message is for the sole use of the intended recipient(s)and may contain confidential and privileged information of Transaction Network Services. Any unauthorised review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users