Hello
we have freeipa server and few servers hosts (ipa clients). For some single sign on works for some not.
example:
i am on server1 loged as user@server1
i want to switch to server2 so i just type ssh server2 and it will connect me without typing password again.
with verbose: debug1: Next authentication method: gssapi-with-mic debug1: Authentication succeeded (gssapi-with-mic).
all fine
but on some hosts it asking me for password
ssh server3 -v
verbose: debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey
so its looks like its not even trying use kerberos ticket
all ipa clients are the same system (ubuntu 14.04) we have external DNS only with A records.
so where can be problem?
thank you for tips.
[link][5 comments]