On Thu, Jun 21, 2018 at 12:13:03PM -0000, Bart via FreeIPA-users wrote:
Or it is not solved yet :).
After the update my sssd versions are:
server: 1.16.1-8
client: 1.16.1-7
Public keys get updated on the client host but ONLY after I log in to the server. Even
though I set entry_cache_timeout = 120 literally everywhere (on client and server), client
still allows to log in with ssh key after it was deleted using FreeIPA web ui.
Did you lower memcache_timeout as well? This should not be related but
worth a try.
Can you send me the SSSD logs from the IPA client and server which cover
the call of sss_ssh_authorizedkeys at the time you would expect that the
cached entries are expired and fresh data should be read from the
server?
bye,
Sumit
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorah...