>> I have a problem using freeipa version 3.0.0-50 on CentOS release 6.8. The
>> problem manifests itself as no authentication, and no DNS.
>> It seems Kerberos just stops responding to requests and requests just
>> get queued up # netstat -tuna | grep SYN_RECV Active Internet
>> connections (serv
ormal operation
Terry John
>Check time an date on all involved servers/workstations - if the difference is
>more than 300 seconds , Kerberos might not work correctly. Apply the same time
>to all involved >servers/workstations.
>Gerald
>> I have a problem using freeipa ve
while. "A while" may be a few minutes or several
hours.
The filesystem is only 58% used and "free" shows no swap in use so there seems
to be plenty of RAM available.
"top" shows CPU(s) 96% idle with "dirsirv" typically using about 3%CPU at most
I've no id
>>I am plagued by the "sssd dereference processing failed : Input/output error"
>>problem. Is there any news when this version of sssd will be released for
>>RedHat/Centos?
>If you are interested in testing of sssd-1.13.4 then you can test
>upstream(backported from fedora) version in copr.
>http
I am plagued by the "sssd dereference processing failed : Input/output error"
problem. Is there any news when this version of sssd will be released for
RedHat/Centos?
My current version is: 1.12.4-47.el6
Terry
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-u
other settings within
thee sshd_config file like "PermitRootLogin without-password" which may be
overridden elsewhere if ChallengeResponseAuthentication is set to yes
Terry
-Original Message-
From: Simo Sorce [mailto:s...@redhat.com]
Sent: 25 February 2016 15:01
To: Ter
This turned out to be a setting in /etc/ssh/sshd_config which gets overridden
by ipa-client-install. Needed to un-comment
PasswordAuthentication yes
Terry
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Terry John
Sent: 18 February 2016 11:41
To
I have an AWS instance running Centos 6.7 correctly configured for freeipa but
I needed to make a backup machine which would remain live.
I created a clone of the machine and changed the host name and the settings in
/etc/hosts. When I tried to run ipa-client-install it told me to run the
unins
to build a freeipa server from scratch and work on that. Seems an awful lot of
work to remove one cipher :-(
terry
-Original Message-
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: 28 January 2016 14:35
To: Terry John; Marat Vyshegorodtsev; freeipa-users@redhat.com
Subject: Re
From: Rob Crittenden [mailto:rcrit...@redhat.com]
Sent: 28 January 2016 04:49
To: Marat Vyshegorodtsev; Terry John; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FREAK Vulnerability
Marat Vyshegorodtsev wrote:
> My two cents:
>
> My "magic" string for NSS is like this (I had
: 22 January 2016 10:03
To: Terry John; Martin Kosek; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] FREAK Vulnerability
On 2016-01-21 17:54, Terry John wrote:
> Thanks for the info. I have tried nearly all the NSSCipherSuite settings in
> that ticket but none so far has e
>> I've been trying to tidy the security on my FreeIPA and this is
>> causing me some problems. I'm using OpenVAS vulnerability scanner and
>> it is coming up with this issue
>>
>> EXPORT_RSA cipher suites supported by the remote server:
>> TLSv1.0: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0006)
>> TLSv
I've been trying to tidy the security on my FreeIPA and this is causing me some
problems. I'm using OpenVAS vulnerability scanner and it is coming up with this
issue
EXPORT_RSA cipher suites supported by the remote server:
TLSv1.0: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0006)
TLSv1.0: TLS_RSA_EXPOR
>On Thu, Nov 12, 2015 at 08:55:25PM +0100, Martin Kosek wrote:
>> On 11/12/2015 04:51 PM, Terry John wrote:
>> >
>> >I got a core dump of certmonger failing user abrt but it's huge. Is there
>> >any particular part that would be useful.
>>
>>
>On 11/12/2015 04:51 PM, Terry John wrote:
>> I got a core dump of certmonger failing user abrt but it's huge. Is there
>> any particular part that would be useful.
>CCing Nalin and David for the core dump. More below.
> On 11/12/2015 02:17 PM, Terry John wrote:
&
I got a core dump of certmonger failing user abrt but it's huge. Is there any
particular part that would be useful.
On 11/12/2015 02:17 PM, Terry John wrote:
>> I had a working freeipa setup on a CentOS release 6.7 machine. All was well
>> until I did a yum update. Now I ha
I had a working freeipa setup on a CentOS release 6.7 machine. All was well
until I did a yum update. Now I have multiple issue apparently based around the
CMS (Service Unavailable) issue.
My current version of ipa-server is 3.0.0-47
Certmonger crashes with a segmentation fault at boot time an
17 matches
Mail list logo