I have a IPA server running on CentOS server. I have multiple Solaris boxes
that use this IPA server for SSH authentication.
When configuring the Solaris hosts to be IPA clients, one of the things i
had to do was to configure LDAP. This involved editing the /etc/ldap.conf
file. It looks like this n
makes sense.
i will still try out that cert add command in my test environment, just to
see if it works.
looks like for now, 4.1 upgrade is my best option.
On Mon, Oct 13, 2014 at 7:01 PM, Dmitri Pal wrote:
> On 10/13/2014 06:45 PM, quest monger wrote:
>
> I did the default IPA insta
, 2014 at 6:31 PM, Dmitri Pal wrote:
> On 10/13/2014 03:39 PM, quest monger wrote:
>
> I found some documentation for getting certificate signed by external CA
> (2.3.3.2. Using Different CA Configurations) -
> http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/creat
existing install.
On Mon, Oct 13, 2014 at 3:24 PM, quest monger
wrote:
> I was told by my admin team that Self-signed certs pose a security risk.
>
>
> On Mon, Oct 13, 2014 at 3:17 PM, Rob Crittenden
> wrote:
>
>> quest monger wrote:
>> > Hello All,
>>
I was told by my admin team that Self-signed certs pose a security risk.
On Mon, Oct 13, 2014 at 3:17 PM, Rob Crittenden wrote:
> quest monger wrote:
> > Hello All,
> >
> > I installed FreeIPA server on a CentOS host. I have 20+ Linux and
> > Solaris clients hooked u
Hello All,
I installed FreeIPA server on a CentOS host. I have 20+ Linux and Solaris
clients hooked up to it. SSH and Sudo works on all clients.
I would like to replace the self-signed cert that is used on Port 389 and
636.
Is there a way to do this without re-installing the server and clients.
based SSH to clients, can they
please share their experience.
Thanks.
On Thu, Apr 17, 2014 at 5:48 PM, Dmitri Pal wrote:
> On 04/17/2014 02:42 PM, quest monger wrote:
>
> I have setup freeipa server, and added a centos client that my ipa users
> can now ssh too by using the freei
I have setup freeipa server, and added a centos client that my ipa users
can now ssh too by using the freeipa account credentials.
Now, i would like my users to be able to ssh to this centos client using
keys.
I read this - http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA
_Guide/user-keys
r account requiredpam_krb5.so.1
>
> other password requisite pam_authtok_check.so.1 force_check
> other password sufficient pam_krb5.so.1
> other password required pam_authtok_store.so.1
>
>
> From: freeip
...
Whats that proxyPassword for?
Thanks.
On Thu, Apr 10, 2014 at 12:09 PM, Dmitri Pal wrote:
> On 04/10/2014 11:41 AM, quest monger wrote:
>
> Thanks Rob, those bug reports help.
> One more question, in the official Solaris 10 documentation, i see this
> stuff -
>
>
password. I think
that should be part of the documentation, dont want all Solaris IPA users
to be using the same password and corresponding hash.
Thanks.
On Wed, Apr 9, 2014 at 4:36 PM, Rob Crittenden wrote:
> quest monger wrote:
>
>>
>> I have read through the official docu
I have read through the official documentation here for Solaris-10 -
http://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/Configuring_an_IPA_Client_on_Solaris.html
I have found a few web posts on how to make it work for Solaris-11.
Have any of you tried adding a Solaris-11 host to an ex
12 matches
Mail list logo