On Thu, Dec 20, 2018 at 12:10:37AM +, Theese, David C via FreeIPA-users
wrote:
> Hello FreeIPA Community,
>
> I am using FreeIPA version 4.4.0 on CentOS Linux 7.3.1611.
>
> Via FreeIPA's use of Kerberos, I have no problem SSHing among hosts in a
> passwordless manner (Single Sign On (SSO))
Bryan,
Thank you very much for the response.
I have double-checked that I do have both A and PTR records configured for all
hosts, and I even have an automated test that runs daily to check both forward
and reverse consistency of all DNS records specifically to avoid DNS-related
authentication
On Thu, Dec 20, 2018 at 01:08:14AM +, Theese, David C wrote:
> Bryan,
>
> Thank you very much for the response.
>
> I have double-checked that I do have both A and PTR records configured for
> all hosts, and I even have an automated test that runs daily to check both
> forward and reverse c
On Wed, Dec 19, 2018 at 09:18:35PM -0600, Bryan Mesich via FreeIPA-users wrote:
> On Thu, Dec 20, 2018 at 01:08:14AM +, Theese, David C wrote:
> > Bryan,
> >
> > Thank you very much for the response.
> >
> > I have double-checked that I do have both A and PTR records configured for
> > all h
On Wed, Dec 19, 2018 at 09:41:49PM -0600, Bryan Mesich via FreeIPA-users wrote:
> On Wed, Dec 19, 2018 at 09:18:35PM -0600, Bryan Mesich via FreeIPA-users
> wrote:
[snip...]
> I was able to reproduce the problem on my end. I forgot that Kerberos
> can canonicalize host names. If I set "dns_can
Dave
-Original Message-
From: Bryan Mesich [mailto:bryan.mes...@digikey.com]
Sent: Thursday, December 20, 2018 8:02 AM
To: FreeIPA users list
Cc: Theese, David C
Subject: Re: [Freeipa-users] Re: Single Sign On (SSO) SSH via IP Address
On Wed, Dec 19, 2018 at 09:41:49PM -0600, Bryan Mesich via