|
Hi all,
I am trying to setup Freeipa with otp using the freeotp app. All
looks fine, adding the user to the FreeOTP app also works fine.
The users looks like:
ipa user-show otpuser
User login: otpuser
First name: otp
Last name: user
Home directory: /home/otpuser
Login shell: /bin/bash
Email address: [email protected]
UID: 10011
GID: 10011
User authentication types: otp
Account disabled: False
Password: True
Member of groups: ipausers
Kerberos keys available: True
However, trying to login in will fail; /var/log/krb5kdc.log will
tell:
Jun 07 14:44:37 ipa.blabla.bla
krb5kdc[5887](info): AS_REQ (6 etypes {18 17 16 23 25 26})
192.168.1.251: NEEDED_PREAUTH: [email protected] for
krbtgt/[email protected], Additional pre-authentication
required
Jun 07 14:44:37 ipa.blabla.bla krb5kdc[5887](info): closing down
fd 12
Jun 07 14:44:42 ipa.blabla.bla krb5kdc[5888](info): preauth
(otp) verify failure: Connection timed out
I just cannot figure out what's going wrong.
What is trying to connect to causing this timeout? (yep, I
disabled firewalld for this...)
Winny
|
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
