yes try "ssh admin@hostname" but do not work ====log secure-==== Feb 9 15:42:20 ipasrv sshd[13414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.30.160.20 user=admin Feb 9 15:42:20 ipasrv sshd[13414]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.30.160.20 user=admin Feb 9 15:42:20 ipasrv sshd[13414]: pam_sss(sshd:account): Access denied for user admin: 6 (Permission denied) Feb 9 15:42:20 ipasrv sshd[13414]: Failed password for admin from 10.30.160.20 port 52123 ssh2 Feb 9 15:42:20 ipasrv sshd[13415]: fatal: Access denied for user admin by PAM account configuration
On Mon, Feb 9, 2015 at 3:20 PM, Martin Kosek <mko...@redhat.com> wrote: > Did you try the "ssh admin@`hostname`" command? It should show if ssh to > admin > via SSSD&FreeIPA really works. > > On 02/09/2015 11:18 AM, alireza baghery wrote: > > account admin recognize and show uid gid and groups > > On Feb 9, 2015 1:42 PM, "Martin Kosek" <mko...@redhat.com> wrote: > > > >> Ok. When on the server, does > >> > >> # id admin > >> > >> or "ssh admin@`hostname`" work? Maybe it does not recognize the admin > >> user. > >> > >> On 02/09/2015 09:29 AM, alireza baghery wrote: > >>> ipasrv# Service SSSD status > >>> sssd is runing > >>> nevertheless i restart service sssd > >>> but problem do not solved > >>> > >>> On Mon, Feb 9, 2015 at 11:19 AM, Martin Kosek <mko...@redhat.com> > wrote: > >>> > >>>> On 02/09/2015 07:42 AM, alireza baghery wrote: > >>>>> i check on both server ssh each other's name and ssh successful and > >>>> resolve > >>>>> name was also correct on each server > >>>>> but i can not login with user admin from ipareplica via ssh > >>>> (root@ipareplica]# > >>>>> ssh admin@ipasrv ===> failed) > >>>>> > >>>>> [root@ipareplica ~]# ssh ipasrv > >>>>> root@ipasrv's password: > >>>>> Last login: Mon Feb 9 09:49:54 2015 from 10.30.160.20 > >>>>> =====log /var/secure==== > >>>>> Feb 9 09:50:29 ipasrv sshd[12076]: Accepted password for root from > >>>>> 10.30.160.20 port 52110 ssh2 > >>>>> Feb 9 09:50:29 ipasrv sshd[12076]: pam_unix(sshd:session): session > >>>> opened > >>>>> for user root by (uid=0) > >>>>> ===== > >>>>> [root@ipasrv ~]# ssh ipareplica > >>>>> root@ipareplica's password: > >>>>> Last login: Mon Feb 9 09:50:20 2015 from 10.30.160.19 > >>>>> > >>>>> ====== > >>>>> [root@ipareplica ~]# nslookup ipasrv > >>>>> Server: 10.30.160.19 > >>>>> Address: 10.30.160.19#53 > >>>>> > >>>>> Name: ipasrv > >>>>> Address: 10.30.160.19 > >>>>> > >>>>> ======== > >>>>> [root@ipasrv ~]# nslookup ipareplica > >>>>> Server: 127.0.0.1 > >>>>> Address: 127.0.0.1#53 > >>>>> > >>>>> Name: ipareplica > >>>>> Address: 10.30.160.20 > >>>>> ========= > >>>> > >>>> Ok, so ssh is running, you can log in with root. I think that by 99% > >>>> chance, > >>>> your SSSD service is not running on the IPA server. Please check if > this > >>>> is the > >>>> case and if yes, please try to (re)start it. If that helped, it would > be > >>>> also > >>>> useful to see *why* the SSSD is not running (crash, misconfiguration, > >> ...) > >>>> > >>>> Martin > >>>> > >>> > >>> > >>> > >> > >> > > > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
