On Thu, May 23, 2013 at 1:53 PM, Natxo Asenjo <natxo.ase...@gmail.com>wrote:
> hi, > > after (long) troubleshooting I finally pinpointed an annoying problem. > > Centos offers freenx (the free version of nomachine, so not a Red Hat > problem) that allows multiple sessions and not just only 2 users like the > free nochine version. This is very nice. > > After the upgrade to version 6.4, the ssh client config file > /etc/ssh/ssh_config, is changed. This change breaks freenx completely: > > The new ssh_config file *after* joining the ipa domain adds this: > > # diff ssh_config.nxworks ssh_config.ipa > 48a49,52 > > GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts > > PubkeyAuthentication yes > > ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h > > if we remove those settings, freenx works again. > > I repeat: this has nothing to do with Red Hat, this is not their problem. > > I do not know what the implications are for this action, I suspect it will > break the known_hosts functionality. We do not manage that with ipa, so > that is not an issue for us (we use cfengine for that). > > If anyone else has had this problem, there you have a workaround. > -- > Groeten, > natxo > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > Hello, Indeed, this is an annoying problem. We have been also impacted and there is a bugzilla for that: https://bugzilla.redhat.com/show_bug.cgi?id=889720 Basically, you can let the Proxy command untouched in ssh_config and modify nxnode-login script so it does overides that option. Anyway, it was indeed not easy to find. Best regards, Denis
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users