Learn more about these different git repos.
Other Git URLs
The sss_ssh_* commands return non-zero on error but these values are not documented In fact, it is not documented that it would ever return a non-zero value.
I managed to somehow get sssd into a state where it couldn't communicate with the IPA backend. This caused connections from remote machines to error out. I saw this on my server secure log:
Mar 18 15:08:55 rawhide2 sshd: error: AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys returned status 1
Sure enough, running this from a command-line returned the same error:
# sss_ssh_authorizedkeys admin
Error looking up public keys
# echo $?
I'm guessing it was a conscious choice to deny access on lookup failure to prevent a DoS against the key server. It would be nice to include this as well, if true.
Any error that would trigger a message to stderr might also trigger a sss_log() call, this would be more friendly to the admin than just "returned status 1".
owner: somebody => jcholast
milestone: NEEDS_TRIAGE => SSSD 1.10.0
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=928803
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=928803 928803]
patch: 0 => 1
status: new => assigned
resolution: => fixed
status: assigned => closed
This was actually fixed in the Beta.
milestone: SSSD 1.10.0 => SSSD 1.10 beta
Metadata Update from @rcritten:
- Issue assigned to jcholast
- Issue set to the milestone: SSSD 1.10 beta
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.