[Freeipa-users] Re: Free IPA DNS Issues

Hey, Do we have any docs regarding this? Also where to set tuning settings like suppose if i want to make any changes on ipa server how frequently it will apply the changes to clients? Coz once i remove the users public key first its allowing him into ssh server first and second attempt he is

[Freeipa-users] Re: Free IPA DNS Issues

Hi, Thanks for the links Alexander,I tried to setup as per the documents it is working without any issues. Problem: I tried to bring the ipa server down and I am still able to communicate with ssh-key mechanism.How it is possible and how it is allowing me to communicate.Ideally when the ipa

[Freeipa-users] Re: Free IPA DNS Issues

Thanks Alexander,Thanks for the info On Tue, 3 Oct 2023 at 2:21 PM, Alexander Bokovoy wrote: > On Аўт, 03 кас 2023, Pradeep KNS wrote: > >Thanks for the information. > >Will go through the document. > > > >But if i add the public key i am able authenticate from server A to server > >B and C

[Freeipa-users] Re: Free IPA DNS Issues

Thanks for the information. Will go through the document. But if i add the public key i am able authenticate from server A to server B and C from same Server A. But if i want to communicate in-between Server B to Server C how this ipa will work? should i want to copy my pvt key?? Across all the

[Freeipa-users] Re: Free IPA DNS Issues

Hi Alexander, Thanks for your email, Like this i need to add all servers? As my dns is located in internal different server. Also if i want to jump from one server to another server on ipa clients using sshkeybased? How this mechanism works? here On Tue, 3 Oct 2023 at 1:45 PM, Pradeep KNS

[Freeipa-users] Re: Free IPA DNS Issues

Awesome, thanks for the info! On Tue, 3 Oct 2023 at 1:44 PM, Alexander Bokovoy wrote: > On Аўт, 03 кас 2023, Pradeep KNS via FreeIPA-users wrote: > >Hi Rob, > > > >Thanks for your email, > > > >Yeah true FQDN is working without any issues.But is there any way to ssh > >via IP as well rather

[Freeipa-users] Re: Free IPA DNS Issues

On Аўт, 03 кас 2023, Pradeep KNS wrote: Thanks for the information. Will go through the document. But if i add the public key i am able authenticate from server A to server B and C from same Server A. But if i want to communicate in-between Server B to Server C how this ipa will work? should i

[Freeipa-users] Re: Free IPA DNS Issues

On Аўт, 03 кас 2023, Pradeep KNS wrote: Hi Alexander, Thanks for your email, Like this i need to add all servers? As my dns is located in internal different server. Only if you need to use Kerberos authentication. Also if i want to jump from one server to another server on ipa clients

[Freeipa-users] Re: Free IPA DNS Issues

On Аўт, 03 кас 2023, Pradeep KNS via FreeIPA-users wrote: Hi Rob, Thanks for your email, Yeah true FQDN is working without any issues.But is there any way to ssh via IP as well rather than hostname Kerberos authentication is based on names of services known to your KDC. IP address is not a

[Freeipa-users] Re: Free IPA DNS Issues

Hi Rob, Thanks for your email, Yeah true FQDN is working without any issues.But is there any way to ssh via IP as well rather than hostname On Tue, 3 Oct 2023 at 2:22 AM, Rob Crittenden wrote: > Pradeep KNS wrote: > > ssh kns@10.40.1.201 -v > > [snip] > > >

[Freeipa-users] Re: Free IPA DNS Issues

Pradeep KNS wrote: > ssh kns@10.40.1.201 -v [snip] > SHA256:1BAWa9F52c6u26qe8T9ZQsin3lk+VTFeRYBDtkOzNMU > debug1: load_hostkeys: fopen /home/kns/.ssh/known_hosts: No such file or > directory > debug1: load_hostkeys: fopen /home/kns/.ssh/known_hosts2: No such file > or directory > debug1: Host

[Freeipa-users] Re: Free IPA DNS Issues

Also ssh logs [kns@ti-mum1-pve04 ~]$ ssh kns@10.40.1.201 -v OpenSSH_8.7p1, OpenSSL 3.0.7 1 Nov 2022 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Reading configuration data /etc/ssh/ssh_config.d/04-ipa.conf debug1: Executing command: 'true' debug1: Reading configuration data

[Freeipa-users] Re: Free IPA DNS Issues

Hi, I am able to configure Freeipa with internal DNS which is located on a different server and added dns records under the dns zone file. Now i have created a user and am able to communicate from Localhost to ipa client both key based and password based both. *Issue:* Not able to ssh via from

[Freeipa-users] Re: Free IPA DNS Issues

Thanks a lot,Will try it. On Thu, Aug 31, 2023 at 10:40 AM Yavor Marinov wrote: > Hey guys, > > I would suggest an easier and quite simple method: create a subdomain in > your current DNS, and describe its NSes to point to FreeIPA's DNSes. > Configure FreeIPA with a subdomain, instead of the

[Freeipa-users] Re: Free IPA DNS Issues

Hey guys, I would suggest an easier and quite simple method: create a subdomain in your current DNS, and describe its NSes to point to FreeIPA's DNSes. Configure FreeIPA with a subdomain, instead of the domain and if you need to create forwarding rules in FreeIPA to use your main DNS as a

[Freeipa-users] Re: Free IPA DNS Issues

Hi Pradeep, On Wed, Aug 30, 2023 at 3:27 PM Pradeep KNS via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > > Hi Rob, > > Thank you for your valuable insights on FreeIPA and DNS. I have an existing internal DNS server that I would like to integrate with FreeIPA's DNS feature. As I

[Freeipa-users] Re: Free IPA DNS Issues

Hi Rob, Thank you for your valuable insights on FreeIPA and DNS. I have an existing internal DNS server that I would like to integrate with FreeIPA's DNS feature. As I understand it, FreeIPA can serve as an integrated DNS solution. However, I would like to ensure that my existing internal DNS

[Freeipa-users] Re: Free IPA DNS Issues

Pradeep KNS via FreeIPA-users wrote: > Hello Team, > > While setting up Freeipa in my Linux infrastructure.I noticed a strange > warning. I would like to clarify before rolling into production. > * > * > *|DNS zone alpha-grep.com . already exists in DNS > and is handled by