after (long) troubleshooting I finally pinpointed an annoying problem.
Centos offers freenx (the free version of nomachine, so not a Red Hat
problem) that allows multiple sessions and not just only 2 users like the
free nochine version. This is very nice.
After the upgrade to version 6.4, the ssh client config file
/etc/ssh/ssh_config, is changed. This change breaks freenx completely:
The new ssh_config file *after* joining the ipa domain adds this:
# diff ssh_config.nxworks ssh_config.ipa
> GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts
> PubkeyAuthentication yes
> ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h
if we remove those settings, freenx works again.
I repeat: this has nothing to do with Red Hat, this is not their problem.
I do not know what the implications are for this action, I suspect it will
break the known_hosts functionality. We do not manage that with ipa, so
that is not an issue for us (we use cfengine for that).
If anyone else has had this problem, there you have a workaround.
Freeipa-users mailing list