Thanks, I'll check it out. 

On Wed, Dec 5, 2018, 5:19 PM Alexander Bokovoy <abokovoy@redhat.com wrote:
On ke, 05 joulu 2018, tarak sinha wrote:
>Yes, I can. thanks alex for your help. Let me know what needs to be done.
>
>[root@deploy1.ops tsinha]# kvno -S host mstageegw3.example.com
>kvno: invalid option -- S
>usage: kvno [-4 | [-c ccache] [-e etype] [-k keytab]] service1 service2 ...
>[root@deploy1.ops tsinha]#
What OS is this?

Anyway, what happens if you get

kvno host/mstageegw3.example.com

Also, please show

ipa host-show --all mstageegw3.example.com



>
>On Wed, Dec 5, 2018 at 4:28 PM Alexander Bokovoy <abokovoy@redhat.com>
>wrote:
>
>> On ke, 05 joulu 2018, tarak sinha via FreeIPA-users wrote:
>> >Hi Guys,
>> >
>> >I am having issue to ssh with one host with SSO, all the users are able to
>> >ssh without asking password but only my userid having issue with asking
>> >password, I have tried to do kdestroy and did kinit again with userid
>> along
>> >with REALM but did not work. if you have any suggestions please let me
>> know
>> >to check further.
>> >
>> >Here it is output for ssh connection which asking password,
>> >----snip----
>> >
>> >debug1: Authentications that can continue:
>> >publickey,gssapi-keyex,gssapi-with-mic,password
>> >debug1: Next authentication method: gssapi-with-mic
>> >debug1: Unspecified GSS failure.  Minor code may provide more information
>> >Server not found in Kerberos database
>> ^^ this is your problem.
>>
>> Can you show output of
>>
>> kvno -S host mstageegw3.example.com
>>
>> on your client from where you do SSH?
>>
>>
>>
>> >debug1: Unspecified GSS failure.  Minor code may provide more information
>> >Server not found in Kerberos database
>> >debug1: Unspecified GSS failure.  Minor code may provide more information
>> >Server not found in Kerberos database
>> >debug2: we did not send a packet, disable method
>> >debug1: Next authentication method: publickey
>> >debug1: Offering public key: /uhome/aalevoor/.ssh/id_rsa
>> >debug2: we sent a publickey packet, wait for reply
>> >debug1: Authentications that can continue:
>> >publickey,gssapi-keyex,gssapi-with-mic,password
>> >debug1: Trying private key: /uhome/aalevoor/.ssh/id_dsa
>> >debug2: we did not send a packet, disable method
>> >debug1: Next authentication method: password
>> >aalevoor@mstageegw3.example.com's password:
>> >debug2: we sent a password packet, wait for reply
>> >debug1: Authentication succeeded (password).
>> >debug1: channel 0: new [client-session]
>> >debug2: channel 0: send open
>> >debug1: Entering interactive session.
>> >debug2: callback start
>> >debug2: client_session2_setup: id 0
>> >debug2: channel 0: request pty-req confirm 0
>> >debug2: channel 0: request shell confirm 0
>> >debug2: fd 4 setting TCP_NODELAY
>> >debug2: callback done
>> >debug2: channel 0: open confirm rwindow 0 rmax 32768
>> >debug2: channel 0: rcvd adjust 2097152
>> >Last login: Wed Dec  5 01:53:06 2018 from 10.22.6.70
>> >
>> >--
>> >
>> >*Thanks,*
>> >
>> >*TS*
>>
>> >_______________________________________________
>> >FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>> >To unsubscribe send an email to
>> freeipa-users-leave@lists.fedorahosted.org
>> >Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
>> >List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
>> >List Archives:
>> https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
>>
>>
>> --
>> / Alexander Bokovoy
>> Sr. Principal Software Engineer
>> Security / Identity Management Engineering
>> Red Hat Limited, Finland
>>
>
>
>--
>
>*Thanks,*
>
>*Tarak Nath Sinha*
>
>*Mobile: **+91 8197522750*

--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland