mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 16:31:08 -06:00
Do not skip SSSD known hosts in ipa-client-install --ssh-trust-dns.
https://fedorahosted.org/freeipa/ticket/3705
This commit is contained in:
parent
093fa2daa0
commit
736dd0fcd6
@ -1212,12 +1212,12 @@ def configure_ssh_config(fstore, options):
|
||||
'PubkeyAuthentication': 'yes',
|
||||
}
|
||||
|
||||
if options.sssd and file_exists(SSH_PROXYCOMMAND):
|
||||
changes['ProxyCommand'] = '%s -p %%p %%h' % SSH_PROXYCOMMAND
|
||||
changes['GlobalKnownHostsFile'] = SSH_KNOWNHOSTSFILE
|
||||
if options.trust_sshfp:
|
||||
changes['VerifyHostKeyDNS'] = 'yes'
|
||||
changes['HostKeyAlgorithms'] = 'ssh-rsa,ssh-dss'
|
||||
elif options.sssd and file_exists(SSH_PROXYCOMMAND):
|
||||
changes['ProxyCommand'] = '%s -p %%p %%h' % SSH_PROXYCOMMAND
|
||||
changes['GlobalKnownHostsFile'] = SSH_KNOWNHOSTSFILE
|
||||
|
||||
change_ssh_config(ssh_config, changes, ['Host'])
|
||||
root_logger.info('Configured %s', ssh_config)
|
||||
|
Loading…
Reference in New Issue
Block a user