Andrew's suggestion works fine, but you can also set up a simple krb5.conf on the source hosts and then issue a kinit. It doesn't have to be a "full" IPA client for that to work.
You can also do this from a Windows box by using the MIT Kerberos for Windows package: http://web.mit.edu/Kerberos/dist/ (you can also do ssh keys from windows with putty.) On Wed, Mar 19, 2014 at 7:20 AM, Andrew Holway <andrew.hol...@gmail.com>wrote: > Hi Fred, > > You can add your public keys to the users profile via the GUI of CLI. > Take contents of the .ssh/id_rsa.pub from your Fedora20 Laptop and > insert it in the GUI. > > User -> ACCOUNT SETTINGS -> SSH public keys -> add > > > http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/user-keys.html > > Thanks, > > Andrew > > On 19 March 2014 09:38, Fred van Zwieten <fvzwie...@vxcompany.com> wrote: > > Hi, > > > > Subject says it all actually. I have a laptop with Fedora20. I work as a > > contractor on different assignments. Some of them have an IPA domain set > up. > > Their RHEL6 servers are all IPA clients. I would like to ssh into these > > servers passwordless using ssh-agent and such. Is this possible? If so, > how > > would I set this up? > > > > BTW passwordless login already works when ssh-ing from an IPA client into > > another IPA client. > > > > Fred > > > > _______________________________________________ > > Freeipa-users mailing list > > Freeipafirstname.lastname@example.org > > https://www.redhat.com/mailman/listinfo/freeipa-users > > _______________________________________________ > Freeipa-users mailing list > Freeipaemail@example.com > https://www.redhat.com/mailman/listinfo/freeipa-users > -- The government is going to read our mail anyway, might as well make it tough for them. GPG Public key ID: B6A1A7C6
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users