Red Hat Bugzilla – Bug 839625
Configuring_an_IPA_Client_on_AIX instructs to configure sshd with 'GSSAPITrustDNS' which causes sshd to no longer start
Last modified: 2014-10-15 06:55:06 EDT
Description of problem:
instructs to set 'GSSAPITrustDNS no' in /etc/ssh/sshd_config .
Version-Release number of selected component (if applicable):
current / fedora [15|16|17] instructions
Steps to Reproduce:
1. access webpage
2. implement change
3. try to start sshd
sshd no longer starts
sshd should start
- GSSAPITrustDNS is a ssh client option
- its not mentioned in the manpage but recognized
- http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/Kerberos_Errors.html mentions it as client option
- http://freeipa.com/page/ConfiguringAixClients looks like the most current howto and does not mention the option at all. I think just removing the option from the webpage is the most simple way to resolve this (recheck whole howto with an AIX client for bonus)
Kicking FreeIPA doc bugs over to Martin.
FreeIPA upstream project no longer actively maintains an upstream guide (details in www.freeipa.org/page/Upstream_User_Guide). The only actively maintained user information is therefore upstream community wiki (FreeIPA.org) and RHEL downstream user guides (http://www.freeipa.org/page/Documentation#User_Guides).
Please file upstream tickets or RHEL documentation Bugzillas to request additional fixes or enhancements in these guides. Thank you and sorry for any inconvenience.