date:20161120

[Freeipa-users] packet_write_wait: Connection to x.x.x.x port 22: Broken pipe

2016-11-20 Thread Lachlan Musicman

Hola,

I'm getting the above error when trying to login - inconsistently and after
the password request.

Using debian's openssh 7.3p1-3 going into Centos 7.2, FreeIPA 4.2 and sssd
1.14.2 (from copr).

When I google, none of the results seem applicable, but I'm not 100% sure,
and testing seems difficult.

On the test client, I've set pam_id_timeout and kr5b_auth_timeout to 30
because we found that helped with the transfer of data between the FreeIPA
server and the enrolled host, and I thought that might be causing the error.

Having added both ServerAliveInterval 60 and ClientAliveInterval 60 just to
humour myself (and the google results) but am still getting this result.
This is a solution I'd rather not implement anyway, but I thought I'd check.

Has anyone seen this before?

cheers
L.

--
The most dangerous phrase in the language is, "We've always done it this
way."

- Grace Hopper
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Is there an simple way to add in sudo time window options in FreeIPA?

2016-11-20 Thread Jakub Hrozek


> On 18 Nov 2016, at 19:12, Robert Kleinberg  wrote:
> 
> Would like to establish valid sudo usage windows with sudonotbefore and 
> sudonotafter options.  However, I did not see an easy way to set this up 
> other than via an sudo options text entry line.  Is there another menu-driven 
> way that shows a schedule of allowed times?
>  

I think at the moment you need to —setattr or —addattr the sudo attributes,  I 
don’t think the sudo IPA UI allows settings these “natively”.

> Bob Kleinberg
> Lead System Engineer
>  
> KEYW Corporation|www.keywcorp.com 
> 7740 Milestone Parkway, Suite 400 | Hanover, MD 21076
> 443-737-9703
>  
> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users 
> 
> Go to http://freeipa.org  for more info on the project

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] packet_write_wait: Connection to x.x.x.x port 22: Broken pipe

Re: [Freeipa-users] Is there an simple way to add in sudo time window options in FreeIPA?

2 matches

Site Navigation

Mail list logo

Footer information