On Wed, 2013-09-11 at 11:49 -0400, Simo Sorce wrote: > On Wed, 2013-09-11 at 10:39 -0500, Dean Hunter wrote: > > On Wed, 2013-09-11 at 11:20 -0400, Simo Sorce wrote: > > > On Wed, 2013-09-11 at 08:39 -0500, Dean Hunter wrote: > > > > > > > I do NOT believe this: > > > > [dean@ipa2 ~]$ ssh dean@desktop2 > > > > Last login: Wed Sep 11 08:32:21 2013 from ipa2.hunter.org > > > > Could not chdir to home directory /home/net/dean: Permission > > > > denied > > > > -bash: /home/net/dean/.bash_profile: Permission denied > > > > > > > > -bash-4.2$ logout > > > > -bash: /home/net/dean/.bash_logout: Permission denied > > > > Connection to desktop2 closed. > > > > > > > > [dean@ipa2 ~]$ su - > > > > Password: > > > > > > > > [root@ipa2 ~]# ssh dean@desktop2 > > > > dean@desktop2's password: > > > > Last login: Wed Sep 11 08:34:29 2013 from ipa2.hunter.org > > > > > > > > [dean@desktop2 ~]$ logout > > > > Connection to desktop2 closed. > > > > > > > > [root@ipa2 ~]# logout > > > > > > > > [dean@ipa2 ~]$ ssh dean@desktop2 > > > > Last login: Wed Sep 11 08:35:16 2013 from ipa2.hunter.org > > > > > > > > [dean@desktop2 ~]$ > > > > > > > > > > Are you using a kerberized NFS mount ? > > > > > > I think what is happening is that when going via SSH rpc.gssd cannot > > > find your ticket, ssh may be doing something "wrong" in this case. > > > > > > Simo. > > > > > Yes, I am using Kerberos with NFS. > > > > Should I report this as a bug? > > > We need to decide what component is faulty. It may be possible we can > get it working somehow. > > When you ssh in what is the ccache ssh assign you ? > can you run klist and post the output (sanitize it if needed) ? > > Simo. >
I hope this is what you requested: [dean@ipa2 ~]$ klist Ticket cache: DIR::/run/user/1387400001/krb5cc/tktFDDxRR Default principal: d...@hunter.org Valid starting Expires Service principal 09/11/13 19:43:28 09/12/13 19:43:28 krbtgt/hunter....@hunter.org [dean@ipa2 ~]$ ssh dean@desktop2 Last login: Wed Sep 11 19:41:48 2013 from ipa2.hunter.org Could not chdir to home directory /home/net/dean: Permission denied -bash: /home/net/dean/.bash_profile: Permission denied -bash-4.2$ hostname desktop2.hunter.org -bash-4.2$ klist klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_1387400001) -bash-4.2$ logout -bash: /home/net/dean/.bash_logout: Permission denied Connection to desktop2 closed. [dean@ipa2 ~]$ klist Ticket cache: DIR::/run/user/1387400001/krb5cc/tktFDDxRR Default principal: d...@hunter.org Valid starting Expires Service principal 09/11/13 19:43:28 09/12/13 19:43:28 krbtgt/hunter....@hunter.org 09/11/13 19:44:43 09/12/13 19:43:28 host/desktop2.hunter....@hunter.org [dean@ipa2 ~]$
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users