I already ran that command to configure centos host as client. I used
'ipa-client-install --mkhomedir --no-ntp'.
Now my IPA users are able to SSH to that box, using passwords set in IPA.
Next I would like them to SSH using keys.
When I looked through the document for more info, I found this line - 'After
uploading the user keys, configure SSSD to use FreeIPA as one of its
identity domains and set up OpenSSH to use the SSSD tooling for managing
I was hoping someone can shed light on how to do that. Or if someone has
configured their IPA clients to enable key-based SSH to clients, can they
please share their experience.
On Thu, Apr 17, 2014 at 5:48 PM, Dmitri Pal <d...@redhat.com> wrote:
> On 04/17/2014 02:42 PM, quest monger wrote:
> I have setup freeipa server, and added a centos client that my ipa users
> can now ssh too by using the freeipa account credentials.
> Now, i would like my users to be able to ssh to this centos client using
> I read this - http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA
> I generated the key-pair, and added the public key to user account in
> freeipa web console.
> Towards the end of that document, i found this -
> "After uploading the user keys, configure SSSD to use FreeIPA as one of
> its identity domains and set up OpenSSH to use the SSSD tooling for
> managing user keys."
> No instructions in the document on how to do this.
> Do i need to do anything on the centos client-side to make this work?
> Freeipa-users mailing
> yum install ipa-client
> then run ipa-client-install with arguments you need (see man pages or
> manual) which will configure your client. Depending on the version it will
> also be able to configure SSH integration.
> See man on ipa-client-install
> Thank you,
> Dmitri Pal
> Sr. Engineering Manager IdM portfolio
> Red Hat, Inc.
> Freeipa-users mailing list
Freeipa-users mailing list