Description of problem:
Using sssd 1.6.1-3 on fc27 and fc28 and joined to a FreeIPA domain hosted on the ipa in CentOS 7 CR, sss_ssh_knownhostproxy cache file is always empty and ssh prompts to accept host keys
Version-Release number of selected component (if applicable):
On both fc27 and fc28, seemingly always (I have three fedora nodes I've tested with, 2 27 and 1 28, all on 1.16.1-3). Nodes running CentOS 7 IPA client still cache host keys as expected.
Steps to Reproduce:
1. Create a FreeIPA domain on an el7 host
2. Join a fedora 27 or 28 node to the domain
3. SSH from the client to the domain controller - the host key should be cached
ssh prompts to accept the hostkey, complaining that the proxy didn't give an answer ('no hostip for proxy command')
The key is read from cache and login happens through GSSAPI
*** This bug has been marked as a duplicate of bug 1574778 ***
I'm so sorry for the regression.
I used to test sssd a little bit more when I was backporting many upstream patches to fedora dist-git.
I cannot have commit rights anymore for unknown reason therefore the only way how can I help you is to provide link to copr build with fixed version
(In reply to Lukas Slebodnik from comment #2)
> the only way how can I help you is to provide link to copr build with
> fixed version
And Fabiano was so kind that he did the same update also in fedora
Could you test it and provide karma?