On pe, 03 maalis 2017, Jason B. Nance wrote:
I have a FreeIPA 4.4.0 setup with Active Directory trusts. Users connecting to
Linux servers from their domain-joined workstations are not required to enter a
password for the first connection. However, if they attempt to ssh to a second
Linux machine from the first they are being prompted for a password.
I've tried the following /etc/ssh/ssh_config options:
And the following /etc/ssh/sshd_config options:
Am I missing a step/configuration?
They need to allow delegation on the machine where their first hop
starts, not only on your jump server.
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project