I can't help but wonder if it is something with the browser cache, as after I 
posted my notes from yesterday to the mailing list, I logged into the web UI 
and see that my keys are now there.  And yes, I did recently upgrade this 
server, so the cache must have been trying to work with old data.

Thanks!

-Kenny

On Wed, 2013-07-17 at 15:44 +0200, Petr Vobornik wrote:


I've tested your key on a fresh install of
ipa-server-3.0.0-25.el6.x86_64 and it works for me. On the other hand,
the description of the problem looks like a Web UI bug.

Is it possible, that you recently upgraded IPA server and Web browser
still contains some old files in a cache? Please try reloading the UI
with forced cache override, usual shortcut: Ctrl + F5 or Ctrl + Shift + R

Petr

On 07/17/2013 03:04 PM, Armstrong, Kenneth Lawrence wrote:
> Thanks Petr,
>
> I am 100% positive that I pressed 'Set' and not 'Cancel'.
>
> Here are the exact steps and keys I used:
>
> Generate an ssh public key (for user):
>
> ssh-keygen -t rsa -C 
> karmstr...@liberty.edu<mailto:karmstr...@liberty.edu><mailto:karmstr...@liberty.edu>
>
> Cat out the key, paste into web interface for user:
>
> cat .ssh/id_rsa.pub
> ssh-rsa 
> AAAAB3NzaC1yc2EAAAABIwAAAQEA8EDvuInIneXbzg9WrkLKBkVHB0O6bAPjNMF4dTyOqdwX2HDLtLVcW4VY7/03p6xOc014z3rio4GWXa3Othkf5/hqhpQR1C4CUGgSnnUVC7gw/aI9ZpFbp9UGQdEw7E6ii1qDmoyH80wA0pSMfp/Tg19mdm/3GKNqeNCtkpEyMQXyPBeNk0Xba4RXpGio98LOyOxONrYPi4/eR15vzoinBebDN4URAuUgNUxpRrrZp4cWV6W5Bu1zhKblPcAd6jP8qDv/Uty8Jew3GSRo7uZhxzPQQrw+0wBXrUSffPDEe5FH7gPy74J/EfHGtmhbThrrJQ5tmSuqiZnvbnxc3fv6ew==
>  
> karmstr...@liberty.edu<mailto:karmstr...@liberty.edu><mailto:karmstr...@liberty.edu>
>
>
> Web interface says that the key is set
>
> Click Update on web interface, get IPA Error 4202 "no modifications to be 
> performed"
>
>
> Skip the web interface, try from command line, appears to succeed:
>
> [karmstrong@linuxclient<mailto:karmstrong@linuxclient> ~]$ ipa user-mod 
> karmstrong --sshpubkey="ssh-rsa 
> AAAAB3NzaC1yc2EAAAABIwAAAQEA8EDvuInIneXbzg9WrkLKBkVHB0O6bAPjNMF4dTyOqdwX2HDLtLVcW4VY7/03p6xOc014z3rio4GWXa3Othkf5/hqhpQR1C4CUGgSnnUVC7gw/aI9ZpFbp9UGQdEw7E6ii1qDmoyH80wA0pSMfp/Tg19mdm/3GKNqeNCtkpEyMQXyPBeNk0Xba4RXpGio98LOyOxONrYPi4/eR15vzoinBebDN4URAuUgNUxpRrrZp4cWV6W5Bu1zhKblPcAd6jP8qDv/Uty8Jew3GSRo7uZhxzPQQrw+0wBXrUSffPDEe5FH7gPy74J/EfHGtmhbThrrJQ5tmSuqiZnvbnxc3fv6ew==
>  
> karmstr...@liberty.edu<mailto:karmstr...@liberty.edu><mailto:karmstr...@liberty.edu>"
> --------------------------
> Modified user "karmstrong"
> --------------------------
>    User login: karmstrong
>    First name: Kenneth
>    Last name: Armstrong
>    Home directory: /import/is/users/karmstrong
>    Login shell: /bin/bash
>    UID: 1838200001
>    GID: 1838200001
>    Account disabled: False
>    SSH public key: ssh-rsa
>                    
> AAAAB3NzaC1yc2EAAAABIwAAAQEA8EDvuInIneXbzg9WrkLKBkVHB0O6bAPjNMF4dTyOqdwX2HDLtLVcW4VY7/03p6xOc014z3rio4GWXa3Othkf5/hqhpQR1C4CUGgSnnUVC7gw/aI9ZpFbp9UGQdEw7E6ii1qDmoyH80wA0pSMfp/Tg19mdm/3GKNqeNCtkpEyMQXyPBeNk0Xba4RXpGio98LOyOxONrYPi4/eR15vzoinBebDN4URAuUgNUxpRrrZp4cWV6W5Bu1zhKblPcAd6jP8qDv/Uty8Jew3GSRo7uZhxzPQQrw+0wBXrUSffPDEe5FH7gPy74J/EfHGtmhbThrrJQ5tmSuqiZnvbnxc3fv6ew==
>                    karmstr...@liberty.edu<mailto:karmstr...@liberty.edu>
>    Password: True
>    Member of groups: ipausers, linux_admin, gensys
>    Member of Sudo rule: sudo-all
>    Kerberos keys available: True
>    SSH public key fingerprint: 
> 51:B0:DC:AD:B3:33:5F:DE:39:6C:6E:4F:35:E1:A4:90 
> karmstr...@liberty.edu<mailto:karmstr...@liberty.edu> (ssh-rsa)
>
>
>
> Double check the web interface, says that No Key is Set
>
> Followed same procedure for a host, got the same exact results.
>
> Tried to ssh as the user to the host that has keys set via command line, get 
> the message that the keys could not be validated.
>
> Thanks.
>
> -Kenny
>
> On Wed, 2013-07-17 at 10:33 +0200, Petr Vobornik wrote:
>
>
> On 07/16/2013 07:24 PM, Armstrong, Kenneth Lawrence wrote:
>> Hello all,
>>
>> i have a new problem with the SSH Key bit in the web interface.  I created a 
>> new ssh key for a user, and pasted it into the web interface for the user.  
>> Afterward, it said that the key was not set.  So I attempted again from the 
>> commandline, and it looks like it took it.  However, when I go back to the 
>> web interface, it doesn't show one set for the user.
>>
>> I logged out of the interface and back in, but same story.
>>
>> Running IPA server 3.0 on RHEL 6.4.
>>
>> Any thoughts?
>>
>> -Kenny
>>
>
> Hello Kenny,
>
> When SSH Public keys field in Web UI displays: "New: key not set" it
> means that the key was not set in 'Show/Set key' dialog. In other words
> you did not paste anything into the textarea or you pressed 'Cancel'
> button instead of 'Set' button.
>
> If something is pasted and confirmed by 'Set' button it displays: 'New:
> key set'. The last remaining step is to click on 'Update' button on the
> header part of the page to confirm and perform all the changes you made
> on the page.
>
> When keys are set in LDAP you should see a line similar to following for
> each key:
> "13:67:6B:BF:4E:A2:05:8E:AE:25:8B:A1:31:DE:6F:1B public key test (ssh-rsa)"
> Each fingerprint is followed by 'Show/Set key' and 'Delete' buttons.
>
> I can't comment the CLI part without more information: key and exact
> command you used.
>
> HTH
>
>




_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to