I can't help but wonder if it is something with the browser cache, as after I posted my notes from yesterday to the mailing list, I logged into the web UI and see that my keys are now there. And yes, I did recently upgrade this server, so the cache must have been trying to work with old data.
Thanks! -Kenny On Wed, 2013-07-17 at 15:44 +0200, Petr Vobornik wrote: I've tested your key on a fresh install of ipa-server-3.0.0-25.el6.x86_64 and it works for me. On the other hand, the description of the problem looks like a Web UI bug. Is it possible, that you recently upgraded IPA server and Web browser still contains some old files in a cache? Please try reloading the UI with forced cache override, usual shortcut: Ctrl + F5 or Ctrl + Shift + R Petr On 07/17/2013 03:04 PM, Armstrong, Kenneth Lawrence wrote: > Thanks Petr, > > I am 100% positive that I pressed 'Set' and not 'Cancel'. > > Here are the exact steps and keys I used: > > Generate an ssh public key (for user): > > ssh-keygen -t rsa -C > [email protected]<mailto:[email protected]><mailto:[email protected]> > > Cat out the key, paste into web interface for user: > > cat .ssh/id_rsa.pub > ssh-rsa > AAAAB3NzaC1yc2EAAAABIwAAAQEA8EDvuInIneXbzg9WrkLKBkVHB0O6bAPjNMF4dTyOqdwX2HDLtLVcW4VY7/03p6xOc014z3rio4GWXa3Othkf5/hqhpQR1C4CUGgSnnUVC7gw/aI9ZpFbp9UGQdEw7E6ii1qDmoyH80wA0pSMfp/Tg19mdm/3GKNqeNCtkpEyMQXyPBeNk0Xba4RXpGio98LOyOxONrYPi4/eR15vzoinBebDN4URAuUgNUxpRrrZp4cWV6W5Bu1zhKblPcAd6jP8qDv/Uty8Jew3GSRo7uZhxzPQQrw+0wBXrUSffPDEe5FH7gPy74J/EfHGtmhbThrrJQ5tmSuqiZnvbnxc3fv6ew== > > [email protected]<mailto:[email protected]><mailto:[email protected]> > > > Web interface says that the key is set > > Click Update on web interface, get IPA Error 4202 "no modifications to be > performed" > > > Skip the web interface, try from command line, appears to succeed: > > [karmstrong@linuxclient<mailto:karmstrong@linuxclient> ~]$ ipa user-mod > karmstrong --sshpubkey="ssh-rsa > AAAAB3NzaC1yc2EAAAABIwAAAQEA8EDvuInIneXbzg9WrkLKBkVHB0O6bAPjNMF4dTyOqdwX2HDLtLVcW4VY7/03p6xOc014z3rio4GWXa3Othkf5/hqhpQR1C4CUGgSnnUVC7gw/aI9ZpFbp9UGQdEw7E6ii1qDmoyH80wA0pSMfp/Tg19mdm/3GKNqeNCtkpEyMQXyPBeNk0Xba4RXpGio98LOyOxONrYPi4/eR15vzoinBebDN4URAuUgNUxpRrrZp4cWV6W5Bu1zhKblPcAd6jP8qDv/Uty8Jew3GSRo7uZhxzPQQrw+0wBXrUSffPDEe5FH7gPy74J/EfHGtmhbThrrJQ5tmSuqiZnvbnxc3fv6ew== > > [email protected]<mailto:[email protected]><mailto:[email protected]>" > -------------------------- > Modified user "karmstrong" > -------------------------- > User login: karmstrong > First name: Kenneth > Last name: Armstrong > Home directory: /import/is/users/karmstrong > Login shell: /bin/bash > UID: 1838200001 > GID: 1838200001 > Account disabled: False > SSH public key: ssh-rsa > > AAAAB3NzaC1yc2EAAAABIwAAAQEA8EDvuInIneXbzg9WrkLKBkVHB0O6bAPjNMF4dTyOqdwX2HDLtLVcW4VY7/03p6xOc014z3rio4GWXa3Othkf5/hqhpQR1C4CUGgSnnUVC7gw/aI9ZpFbp9UGQdEw7E6ii1qDmoyH80wA0pSMfp/Tg19mdm/3GKNqeNCtkpEyMQXyPBeNk0Xba4RXpGio98LOyOxONrYPi4/eR15vzoinBebDN4URAuUgNUxpRrrZp4cWV6W5Bu1zhKblPcAd6jP8qDv/Uty8Jew3GSRo7uZhxzPQQrw+0wBXrUSffPDEe5FH7gPy74J/EfHGtmhbThrrJQ5tmSuqiZnvbnxc3fv6ew== > [email protected]<mailto:[email protected]> > Password: True > Member of groups: ipausers, linux_admin, gensys > Member of Sudo rule: sudo-all > Kerberos keys available: True > SSH public key fingerprint: > 51:B0:DC:AD:B3:33:5F:DE:39:6C:6E:4F:35:E1:A4:90 > [email protected]<mailto:[email protected]> (ssh-rsa) > > > > Double check the web interface, says that No Key is Set > > Followed same procedure for a host, got the same exact results. > > Tried to ssh as the user to the host that has keys set via command line, get > the message that the keys could not be validated. > > Thanks. > > -Kenny > > On Wed, 2013-07-17 at 10:33 +0200, Petr Vobornik wrote: > > > On 07/16/2013 07:24 PM, Armstrong, Kenneth Lawrence wrote: >> Hello all, >> >> i have a new problem with the SSH Key bit in the web interface. I created a >> new ssh key for a user, and pasted it into the web interface for the user. >> Afterward, it said that the key was not set. So I attempted again from the >> commandline, and it looks like it took it. However, when I go back to the >> web interface, it doesn't show one set for the user. >> >> I logged out of the interface and back in, but same story. >> >> Running IPA server 3.0 on RHEL 6.4. >> >> Any thoughts? >> >> -Kenny >> > > Hello Kenny, > > When SSH Public keys field in Web UI displays: "New: key not set" it > means that the key was not set in 'Show/Set key' dialog. In other words > you did not paste anything into the textarea or you pressed 'Cancel' > button instead of 'Set' button. > > If something is pasted and confirmed by 'Set' button it displays: 'New: > key set'. The last remaining step is to click on 'Update' button on the > header part of the page to confirm and perform all the changes you made > on the page. > > When keys are set in LDAP you should see a line similar to following for > each key: > "13:67:6B:BF:4E:A2:05:8E:AE:25:8B:A1:31:DE:6F:1B public key test (ssh-rsa)" > Each fingerprint is followed by 'Show/Set key' and 'Delete' buttons. > > I can't comment the CLI part without more information: key and exact > command you used. > > HTH > >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
