#2186 FAST does not work in SSSD 1.11.2 in Fedora 20
Closed: Fixed None Opened 6 years ago by abbra.

I have configured FreeIPA with two-factor authentication and set up SSSD to try FAST. SSSD runs on IPA master itself:

krb5_use_fast = try
krb5_fast_principal = host/master.ipa.test

When trying to login through SSH to the master.ipa.test, I've entered OTP key and in SSSD logs I can see that SSSD krb5 child did negotiate FAST, obtained the ticket for the user and finally stored it in the keyring ccache. However, SSSD's domain child did receive a response back that it didn't understand, therefore, full logon failed.


Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.11.4

Fields changed

resolution: => fixed
status: new => closed

Fields changed

changelog: => Helps enable the use of OTP with an IPA server.

Metadata Update from @abbra:
- Issue set to the milestone: SSSD 1.11.4

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3228

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata