On 02/09/2015 07:42 AM, alireza baghery wrote: > i check on both server ssh each other's name and ssh successful and resolve > name was also correct on each server > but i can not login with user admin from ipareplica via ssh (root@ipareplica]# > ssh admin@ipasrv ===> failed) > > [root@ipareplica ~]# ssh ipasrv > root@ipasrv's password: > Last login: Mon Feb 9 09:49:54 2015 from 10.30.160.20 > =====log /var/secure==== > Feb 9 09:50:29 ipasrv sshd[12076]: Accepted password for root from > 10.30.160.20 port 52110 ssh2 > Feb 9 09:50:29 ipasrv sshd[12076]: pam_unix(sshd:session): session opened > for user root by (uid=0) > ===== > [root@ipasrv ~]# ssh ipareplica > root@ipareplica's password: > Last login: Mon Feb 9 09:50:20 2015 from 10.30.160.19 > > ====== > [root@ipareplica ~]# nslookup ipasrv > Server: 10.30.160.19 > Address: 10.30.160.19#53 > > Name: ipasrv > Address: 10.30.160.19 > > ======== > [root@ipasrv ~]# nslookup ipareplica > Server: 127.0.0.1 > Address: 127.0.0.1#53 > > Name: ipareplica > Address: 10.30.160.20 > =========
Ok, so ssh is running, you can log in with root. I think that by 99% chance, your SSSD service is not running on the IPA server. Please check if this is the case and if yes, please try to (re)start it. If that helped, it would be also useful to see *why* the SSSD is not running (crash, misconfiguration, ...) Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
