Hi Robbie, After setting KRB5_TRACE to a file in /tmp and running ssh command I get the following output:
[1714] 1533649123.284380: ccselect module realm chose cache KEYRING:persistent:1234:krb_ccache_6taXFjL with client principal testu...@example.com for server principal host/testclient2.example....@example.com [1714] 1533649123.284381: Getting credentials testu...@example.com -> host/testclient2.example....@example.com using ccache KEYRING:persistent:1234:krb_ccache_6taXFjL [1714] 1533649123.284382: Retrieving testu...@example.com -> host/testclient2.example....@example.com from KEYRING:persistent:1234:krb_ccache_6taXFjL with result: -1765328243/Matching credential not found [1714] 1533649123.284383: Retrieving testu...@example.com -> krbtgt/example....@example.com from KEYRING:persistent:1234:krb_ccache_6taXFjL with result: 0/Success [1714] 1533649123.284384: Starting with TGT for client realm: testu...@example.com -> krbtgt/example....@example.com [1714] 1533649123.284385: Requesting tickets for host/testclient2.example....@example.com, referrals on [1714] 1533649123.284386: Generated subkey for TGS request: aes256-cts/4DAD [1714] 1533649123.284387: etypes requested in TGS request: aes256-cts, aes128-cts, aes256-sha2, aes128-sha2, des3-cbc-sha1, rc4-hmac, camellia128-cts, camellia256-cts [1714] 1533649123.284389: Encoding request body and padata into FAST request [1714] 1533649123.284390: Sending request (947 bytes) to EXAMPLE.COM [1714] 1533649123.284391: Initiating TCP connection to stream 129.57.255.203:88 [1714] 1533649123.284392: Sending TCP request to stream 129.57.255.203:88 [1714] 1533649123.284393: Received answer (895 bytes) from stream 129.57.255.203:88 [1714] 1533649123.284394: Terminating TCP connection to stream 129.57.255.203:88 [1714] 1533649123.284395: Response was from master KDC [1714] 1533649123.284396: Decoding FAST response [1714] 1533649123.284397: FAST reply key: aes256-cts/EEAB [1714] 1533649123.284398: TGS reply is for testu...@example.com -> host/testclient2.example....@example.com with session key aes256-cts/FE3B [1714] 1533649123.284399: TGS request result: 0/Success [1714] 1533649123.284400: Received creds for desired service host/testclient2.example....@example.com [1714] 1533649123.284401: Storing testu...@example.com -> host/testclient2.example....@example.com in KEYRING:persistent:1234:krb_ccache_6taXFjL [1714] 1533649123.284403: Creating authenticator for testu...@example.com -> host/testclient2.example....@example.com, seqnum 485909485, subkey aes256-cts/061A, session key aes256-cts/FE3B [1714] 1533649123.284410: ccselect module realm chose cache KEYRING:persistent:1234:krb_ccache_6taXFjL with client principal testu...@example.com for server principal host/testclient2.example....@example.com [1714] 1533649123.284411: Getting credentials testu...@example.com -> host/testclient2.example....@example.com using ccache KEYRING:persistent:1234:krb_ccache_6taXFjL [1714] 1533649123.284412: Retrieving testu...@example.com -> host/testclient2.example....@example.com from KEYRING:persistent:1234:krb_ccache_6taXFjL with result: 0/Success [1714] 1533649123.284414: Getting credentials testu...@example.com -> host/testclient2.example....@example.com using ccache KEYRING:persistent:1234:krb_ccache_6taXFjL [1714] 1533649123.284415: Retrieving testu...@example.com -> host/testclient2.example....@example.com from KEYRING:persistent:1234:krb_ccache_6taXFjL with result: 0/Success [1714] 1533649123.284417: Creating authenticator for testu...@example.com -> host/testclient2.example....@example.com, seqnum 29531773, subkey aes256-cts/DCC1, session key aes256-cts/FE3B _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/4UYZOHXY7LL4NQ7P2WLV4MPGGCNHHKAU/
