Hi
Currently, I have 2FA implemented with password + FreeOTP as authentication
methods.
I wonder if possible to implement ssh pub+priv keys instead of a password as
the first authentication factor.
Has anyone implemented such thing?
Thank you
Daniel PC
Daniel PC via FreeIPA-users
writes:
> Currently, I have 2FA implemented with password + FreeOTP as authentication
> methods.
>
> I wonder if possible to implement ssh pub+priv keys instead of a password as
> the first authentication factor.
>
> Has anyone implemented such thing?
That's
Navi Aujla via FreeIPA-users wrote:
> Named service is generating core dumps under /var/named and
> ipa-dnskeysyncd.service is failing.
Since you are getting core dumps I'd install the debuginfo packages for
bind and ipa-slapi-nis and see if you can get a decent backtrace from
one of the core
Here are the package information on CentOS 7
rpm -q ipa-server slapi-nis 389-ds-base openldap db4 nss nspr glibc
ipa-server-4.6.4-10.el7.centos.2.x86_64
slapi-nis-0.56.0-8.el7.x86_64
389-ds-base-1.3.8.4-22.el7_6.x86_64
openldap-2.4.44-21.el7_6.x86_64
package db4 is not installed
Navi Aujla via FreeIPA-users
writes:
> Admin, Please delete this post to remove the sensitive information
1. This is email; you can't delete messages that have already been said.
2. There's no sensitive information in your post, unless you consider
hostnames sensitive. If so, I encourage you
Quick Copy and paste, Why I am not able to delete or edit my own post?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
Terry Soucy via FreeIPA-users wrote:
> I'm in the process of migrating my production IPA servers from RH6 to
> CentOS6. I have successfully completed this in our QA environments with
> very few issues, but it seems that our production environment wants to
> be difficult.
>
> After conversion to
I'm in the process of migrating my production IPA servers from RH6 to
CentOS6. I have successfully completed this in our QA environments with
very few issues, but it seems that our production environment wants to be
difficult.
After conversion to CentOS 6, dirsrv is functioning and replicating. A
Named service is generating core dumps under /var/named and
ipa-dnskeysyncd.service is failing.
Jan 27 14:31:39 freeipa-03.prod.mcs.som.mob.nuance.com systemd[1]:
ipa-dnskeysyncd.service failed.
Jan 27 14:32:09 freeipa-03.prod.mcs.som.mob.nuance.com systemd[1]: Stopped IPA
key daemon.
Jan
Admin, Please delete this post to remove the sensitive information
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
This is a live conversion. We are currently not in a position to deploy new
servers for this.
I've worked around the issue by changing the auth to simple in named.conf,
but would like to revert back to kerberos auth.
On Mon, Jan 27, 2020 at 12:03 PM Rob Crittenden wrote:
> Terry Soucy via
I'm running "ipa-client-install --force-join --no-nisdomain -U", and it
auto discovers my freeipa servers, but places both _srv_ and the first
server under the "ipa_server" line. This results in the first server being
listed twice when running "sssctl domain-status".
Is this expected behavior? Is
12 matches
Mail list logo