Do not skip SSSD known hosts in ipa-client-install --ssh-trust-dns.

https://fedorahosted.org/freeipa/ticket/3705
This commit is contained in:
Jan Cholasta 2013-06-25 08:41:46 +00:00 committed by Martin Kosek
parent 093fa2daa0
commit 736dd0fcd6

View File

@ -1212,12 +1212,12 @@ def configure_ssh_config(fstore, options):
'PubkeyAuthentication': 'yes',
}
if options.sssd and file_exists(SSH_PROXYCOMMAND):
changes['ProxyCommand'] = '%s -p %%p %%h' % SSH_PROXYCOMMAND
changes['GlobalKnownHostsFile'] = SSH_KNOWNHOSTSFILE
if options.trust_sshfp:
changes['VerifyHostKeyDNS'] = 'yes'
changes['HostKeyAlgorithms'] = 'ssh-rsa,ssh-dss'
elif options.sssd and file_exists(SSH_PROXYCOMMAND):
changes['ProxyCommand'] = '%s -p %%p %%h' % SSH_PROXYCOMMAND
changes['GlobalKnownHostsFile'] = SSH_KNOWNHOSTSFILE
change_ssh_config(ssh_config, changes, ['Host'])
root_logger.info('Configured %s', ssh_config)