Am Donnerstag, 21. September 2017, 11:58:22 CEST schrieb Lars Vogdt:
On Thu, 21 Sep 2017 08:33:12 +0200 Per Jessen wrote:
> Sep 20 13:56:01 io64 openvpn: AUTH:
> Received AUTH_FAILED control message
7 Sep 20
openvpn: SIGTERM[soft,auth-failure] received, process exiting
The AUTH_FAILED line looks more interesting to me. I rebooted the
freeipa server Thu, Sep 21, 07:10 - so a missing LDAP server seems not
to be the problem. But this might happen in the future...
AFAIK it was a problem with a too restrictive firewall rule on the
FreeIPA machine, and the timestamp also matches.
I told Theo that ssh logins to all VMs with the FreeIPA username + ssh
key didn't work, and he "fixed" that yesterday. However, he accidently
only allowed /32 instead of /24, with the result that scar (aka
gate.o.o) wasn't able to verify VPN logins anymore. After another
bugreport from me (on IRC), he fixed that yesterday evening.
On the positive side, ssh logins using the FreeIPA username and ssh key
now work, and sudo based on FreeIPA groups also works :-) (tested on
riesling and water)
<cboltz> I wonder if I should add "sponsored by Aspirin" ;-)
<jjohansen> you could have a nice little side business if Asprin
was sponsoring all the bugs you find
To unsubscribe, e-mail: heroes+unsubscribe(a)opensuse.org
To contact the owner, e-mail: heroes+owner(a)opensuse.org