Hi, I have a question on this.
Can there be multiple SSH keys in that box in the GUI? For instance, we might have 2 keys for our “Admin” account? Thanks for your help, — C > On 23 Mar 2016, at 12:46, Fabrice Bacchella <fabrice.bacche...@orange.fr> > wrote: > >> >> Le 23 mars 2016 à 12:28, Yedidyah Bar David <d...@redhat.com> a écrit : >> >> On Wed, Mar 23, 2016 at 1:04 PM, Fabrice Bacchella >> <fabrice.bacche...@orange.fr> wrote: >>> I'm reading the documentation here : >>> http://www.ovirt.org/documentation/admin-guide/serial-console-setup/ >>> >>> After a few strace, I found the ssh configuration used for the custom ssh >>> that listen on port 2222: >>> /usr/share/ovirt-vmconsole/ovirt-vmconsole-proxy/ovirt-vmconsole-proxy-sshd/sshd_config >>> >>> And I have a big problem with it. >>> It says "GSSAPIAuthentication no" but public key authentication is not >>> allowed in my data center, we use kerberos every where. >>> So I wonder if I can edit this file ? How is it managed by ovirt ? >> >> In general, things under /usr are only packaged, not "managed". So a >> next upgrade will overwrite your changes. > > Ok, so I just need to take care how modifications and upgrade are done (using > puppet) and everything should be fine. >> >> Seems like both its systemd unit and sysv init script read >> /etc/sysconfig/ovirt-vmconsole-proxy-sshd if it exists and add >> ${OPTIONS} to sshd's command line. So you can try to: >> >> echo 'OPTIONS="-o GSSAPIAuthentication=yes"' >> >> /etc/sysconfig/ovirt-vmconsole-proxy-sshd >> >> > > I tried that. It works. I now have pure kerberos only problems. But that's a > good direction. > >> and restart it. >> > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
