[Bug 1775636] Re: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA

That patch will require some backporting effort as it depends on other changes done before in that 1-13 branch. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to sssd in Ubuntu. https://bugs.launchpad.net/bugs/1775636 Title:

[Bug 1775636] Re: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA

It looks like this could be https://pagure.io/SSSD/sssd/issue/2977 Can you try adding this line to the [domain/] section of xenial's /etc/sssd/sssd.conf: ldap_user_certificate = noSuchAttribute and then restart sssd: sudo service sssd restart It worked around the problem here. Next I'm going

[Bug 1775636] Re: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA

Yeah, ipa-client-install worked. Ok, problem confirmed on xenial, and working on trusty: root@xenial-freeipaclient:~# sss_ssh_authorizedkeys andreas Error looking up public keys root@xenial-freeipaclient:~# root@trusty-freeipaclient:~# sss_ssh_authorizedkeys andreas ssh-rsa

Re: [Bug 1775636] Re: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA

I'm trying on trusty and just found out realmd there segfaults when joining On Fri, Jun 8, 2018, 12:30 4tro <1775...@bugs.launchpad.net> wrote: > Yes, seems right. > > I have setup a system with ubuntu 18.04, and the problem doesn't show up > there. > > -- > You received this bug notification

[Bug 1775636] Re: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA

How did you add the certificate to the user? Following https://www.freeipa.org/page/Howto/Client_Certificate_Authentication_with_LDAP perhaps? Is that howto still up-to-date for your deployment? -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed

[Bug 1775636] Re: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert present in IPA

I'm also taking a look at reproducing this. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to sssd in Ubuntu. https://bugs.launchpad.net/bugs/1775636 Title: sss_ssh_authorizedkeys fails with: Error looking up public keys when client cert

[Bug 1773449] Re: VM rbd backed block devices inconsistent after unexpected host outage

** Changed in: charm-ceph-mon Assignee: (unassigned) => James Page (james-page) ** Changed in: charms.ceph Assignee: (unassigned) => James Page (james-page) ** Changed in: charm-ceph-mon Status: Triaged => In Progress ** Changed in: charms.ceph Status: Triaged => In

[Bug 1773449] Re: VM rbd backed block devices inconsistent after unexpected host outage

OK figured this one out - the cephx keys are missing a permission which allows them to see blacklisted clients - as a result they can't deal with a hard crash: mon 'allow command "osd blacklist"' This is a charm issue after all. As a workaround you can manually update the existing client keys

[Bug 1773449] Re: VMs do not survive host reboot

Raising bug tasks for ceph and qemu as I think this is where the issue lies; nova generates the same libvirt xml disk stanzas for versions that work and versions that have this issue. ** Also affects: ceph (Ubuntu) Importance: Undecided Status: New ** Also affects: qemu (Ubuntu)