2015-04-24 17:47 GMT+02:00 Rob Crittenden :
> John Obaterspok wrote:
> > Hello,
> >
> > I'm on F21 and if I login to my workstation I can then sso using ssh to
> > host X. But then I'm also able to sso from x -> y.
> >
> > If I'm on x and issue klist I see this:
> > klist: No credentials cache found (ticket cache FILE:/tmp/krb5
> >
> > Should I really be able to do this?
> >
> > --- john
> >
> >
>
> Did you add your ssh pubkey? ssh -vv will show you the auth method that
> it is using.
>
Of course, I just forgot about it :)
For the record, gssapi-with-mic was the auth method.
> FILE:/tmp/krb5 is a rather odd place to store the ccache too. On F21 it
> should be using KEYRING:persistent::
The host that I ssh'ed into had F20.
Thanks Rob!
-- john
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project