Andrew's suggestion works fine, but you can also set up a simple krb5.conf
on the source hosts and then issue a kinit.  It doesn't have to be a "full"
IPA client for that to work.

You can also do this from a Windows box by using the MIT Kerberos for
Windows package:  http://web.mit.edu/Kerberos/dist/  (you can also do ssh
keys from windows with putty.)


On Wed, Mar 19, 2014 at 7:20 AM, Andrew Holway <andrew.hol...@gmail.com>wrote:

> Hi Fred,
>
> You can add your public keys to the users profile via the GUI of CLI.
> Take contents of the .ssh/id_rsa.pub from your Fedora20 Laptop and
> insert it in the GUI.
>
> User -> ACCOUNT SETTINGS -> SSH public keys -> add
>
>
> http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/user-keys.html
>
> Thanks,
>
> Andrew
>
> On 19 March 2014 09:38, Fred van Zwieten <fvzwie...@vxcompany.com> wrote:
> > Hi,
> >
> > Subject says it all actually. I have a laptop with Fedora20. I work as a
> > contractor on different assignments. Some of them have an IPA domain set
> up.
> > Their RHEL6 servers are all IPA clients. I would like to ssh into these
> > servers passwordless using ssh-agent and such. Is this possible? If so,
> how
> > would I set this up?
> >
> > BTW passwordless login already works when ssh-ing from an IPA client into
> > another IPA client.
> >
> > Fred
> >
> > _______________________________________________
> > Freeipa-users mailing list
> > Freeipa-users@redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-users
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>



-- 
The government is going to read our mail anyway, might as well make it
tough for them.  GPG Public key ID:  B6A1A7C6
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to