Hi, I have installed an ipa with internal dns.After installing updated entries on dns as well.
My main criteria is to communicate with ipa clients with ssh keybased authentication which is working fine. Today i tot of i want to test with password based authentication which is not happening.I dont know where i am missing [[email protected]]# ipa --version VERSION: 4.10.1, API_VERSION: 2.251 [[email protected]]# ********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE: * (2023-11-23 19:33:16): [krb5_child[11588]] [tgt_req_child] (0x1000): [RID#15] Password was expired * (2023-11-23 19:33:16): [krb5_child[11588]] [sss_krb5_responder] (0x4000): [RID#15] Got question [password]. * (2023-11-23 19:33:16): [krb5_child[11588]] [map_krb5_error] (0x0020): [RID#15] 2138: [-1765328324][Generic error (see e-text)] ********************** BACKTRACE DUMP ENDS HERE ********************************* ssh log Nov 23 19:33:16 test-example.com sshd[11586]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.10.1.1 user=harsh Nov 23 19:33:16 test-example.com sshd[11586]: pam_sss(sshd:auth): received for user harsh: 4 (System error) Nov 23 19:33:18test-example.com sshd[11584]: error: PAM: Authentication failure for harsh from 10.10.1.1 Nov 23 19:33:20 test-example.com sshd[11584]: Connection closed by authenticating user harsh 10.10.1.1 port 47724 [preauth]
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
