Hide Forgot
It'd be relatively easy for the proxy to use the existing krb5 infrastructure (used by GSS-TSIG DNS updates and Realm) as an optional alternative to SSH keys.
Created from redmine issue http://projects.theforeman.org/issues/11936
How does this BZ differ from https://bugzilla.redhat.com/show_bug.cgi?id=1386266 ?
Upstream bug assigned to aruzicka
This BZ is about reusing the information we have (keytab for Realms (https://theforeman.org/manuals/1.15/index.html#4.3.8Realm) or GSS TSIG (https://theforeman.org/manuals/1.15/index.html#4.3.8Realm)) to run jobs on hosts in that realm. This BZ cannot be closed without closing https://bugzilla.redhat.com/show_bug.cgi?id=1386266 first, as you'd need first the ability to run jobs via tokens to be able to use the keytabs I mentioned.
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/11936 has been resolved.
Verified on Sat 6.3 snap 35 along with https://bugzilla.redhat.com/show_bug.cgi?id=1386266
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. > > For information on the advisory, and where to find the updated files, follow the link below. > > If the solution does not work for you, open a new bug report. > > https://access.redhat.com/errata/RHSA-2018:0336