great, thanks.
On a related note: the server still doesn't get a (client) kerberos ticket,
which means I can't kinit as a user and then log into a client machine
without a password. Going the other way works fine, however.
thx
anthony
On Thu, Mar 26, 2015 at 7:14 AM, Martin Kosek
Anthony Lanni wrote:
I'm referring to the host certificate; I was looking at the web UI,
under Identity-Hosts in the server details page. The Host Certificate
section says 'No Valid Certificate'.
The server has a /etc/krb5.keytab file, and on the same page the
Enrollment section says
On 03/26/2015 05:52 PM, Anthony Lanni wrote:
kinit USER works perfectly; but I can't ssh into the client machine from
the server without it requesting a password.
I think this is a DNS issue, actually. The server isn't resolving the name
of the client, so I'm ssh'ing with the IP address, and
I am not sure what you mean. So are you saying that kinit USER done on server
fails? With what error?
On 03/26/2015 05:28 PM, Anthony Lanni wrote:
great, thanks.
On a related note: the server still doesn't get a (client) kerberos ticket,
which means I can't kinit as a user and then log into
I'm referring to the host certificate; I was looking at the web UI, under
Identity-Hosts in the server details page. The Host Certificate section
says 'No Valid Certificate'.
The server has a /etc/krb5.keytab file, and on the same page the Enrollment
section says 'Kerberos Key Present, Host
kinit USER works perfectly; but I can't ssh into the client machine from
the server without it requesting a password.
I think this is a DNS issue, actually. The server isn't resolving the name
of the client, so I'm ssh'ing with the IP address, and that's not going to
work since it's not in the
ah, ok. So I'm going to assume the problem with my server not being able to
get a DNS record for any of the clients is why the user can't ssh into the
clients.
Thanks for the help, everyone!
thx
anthony
On Thu, Mar 26, 2015 at 10:44 AM, Rob Crittenden rcrit...@redhat.com
wrote:
Anthony Lanni
Ok, thanks for reaching back. BTW, next RHEL-6 minor release should have the
keyutils dependency fixed anyway :-)
Martin
On 03/25/2015 06:59 PM, Anthony Lanni wrote:
keyutils is already installed but /bin/keyctl was 0 length (!). Anyway I
reinstalled keyutils and then ran the
On 03/25/2015 04:11 AM, Dmitri Pal wrote:
On 03/24/2015 09:17 PM, Anthony Lanni wrote:
While running ipa-server-install, it's failing out at the end with an error
regarding the client install on the server. This happens regardless of how I
input the options, but here's the latest command:
keyutils is already installed but /bin/keyctl was 0 length (!). Anyway I
reinstalled keyutils and then ran the ipa-server-install again, and this
time it completed without error.
Thanks very much, Martin and Dmitri!
thx
anthony
On Wed, Mar 25, 2015 at 5:34 AM, Martin Kosek mko...@redhat.com
On 03/24/2015 09:17 PM, Anthony Lanni wrote:
While running ipa-server-install, it's failing out at the end with an
error regarding the client install on the server. This happens
regardless of how I input the options, but here's the latest command:
ipa-server-install --setup-dns -N
While running ipa-server-install, it's failing out at the end with an error
regarding the client install on the server. This happens regardless of how
I input the options, but here's the latest command:
ipa-server-install --setup-dns -N --idstart=1000 -r EXAMPLE.COM -n
example.com -p passwd1 -a
12 matches
Mail list logo
