Generally, I've found that this is caused by incorrect DNS records. Make sure that your A and PTR records are correct for this host.
One other thing, you should be able to run ipa-getkeytab directly on the client. Hope this helps, Dan Scott http://danieljamesscott.org On Wed, Dec 9, 2009 at 02:16, Michael Kang <[email protected]> wrote: > Does anyone know what's wrong? > > On Tue, Dec 8, 2009 at 12:35 PM, Michael Kang <[email protected]> wrote: >> >> Dear all, >> >> I had setup a FreeIPA server and a FreeIPA client. After using the ktutil >> command to import the keytab, using the following command on another machine >> to test the configuration. This still need passwd. >> >> IPA Server: >>> >>> kinit admin >>> ipa-addservice host/ipaclient.example.com >>> ipa-getkeytab -s ipaserver.example.com -p host/ipaclient.example.com -k >>> /tmp/krb5.keytab >>> scp /tmp/krb5.keytab [email protected]:/tmp/krb5.keytab >> >> IPA client: >>> >>> # ktutil >>> ktutil: read_kt /tmp/krb5.keytab >>> ktutil: write_kt /etc/krb5/krb5.keytab >>> ktutil: q >> >> ssh [email protected] (This don't need passwd.) >> >> PC or Mac: >> ssh [email protected] (This still need passwd.) >> >> What should I do? >> >> Best Regards, >> Michael Kang >> -- >> Michael Kang(康上明学) >> There is a giant asleep within every man. When the giant awakens,miracles >> happen. >> >> Personal blog: http://ufusion.org - United Fusion > > > > -- > Michael Kang(康上明学) > There is a giant asleep within every man. When the giant awakens,miracles > happen. > > Personal blog: http://ufusion.org - United Fusion > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users > _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
