ipa server and client ssh not responding

Post by rolandderuel » 2022/08/03 15:36:44

Hello all,
I have two CentOS 8 Stream servers: one with the IPA server installed and a second server where I can't install the client.
Pinging both servers by IP and FQDN is OK,
but testing SSH from the server:
SSH from the IPA server to the other server times out, and the same in reverse.

SSH is up and running:
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2022-08-03 11:21:27 CEST; 6h ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 1186 (sshd)
Tasks: 1 (limit: 11344)
Memory: 7.4M
CGroup: /system.slice/sshd.service
----------------------------------------------------------------------------------------------------------------------------------------
ipa-client-install -U --domain=domain --realm=IT.DOMAIN --server=my.server.lan --mkhomedir -p admin -w mypassword

Skip server.lan: LDAP server is not responding, unable to verify if this is an IPA server
Failed to verify that server.lan is an IPA Server.
This may mean that the remote server is not up or is not reachable due to network or firewall settings.
Please make sure the following ports are opened in the firewall settings:
TCP: 80, 88, 389
UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
Also note that following ports are necessary for ipa-client working properly after enrollment:
TCP: 464
UDP: 464, 123 (if NTP enabled)
The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information

----------------------------------------------------------------------------------------------------------------------
firewall-cmd --list-all

public (active)
target: default
icmp-block-inversion: no
interfaces: ens192
sources:
services: cockpit dhcpv6-client ntp ssh
ports: 80/tcp 443/tcp 389/tcp 636/tcp 88/tcp 464/tcp 53/tcp 88/udp 464/udp 53/udp 123/udp
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

Is there a specific action for IPA to make SSH work between the two servers?

If you have an idea,
thank you.
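
A check for the situation described in the post, added here as an example and not part of the original post: it compares the TCP ports named in the installer message (plus 22 for SSH) with the zone output quoted above, then classifies a connection attempt per port so that a timeout (no answer) can be told apart from a refusal. The function names and the `SERVICE_PORTS` mapping are assumptions of this example.

```python
import socket
import sys

# TCP ports from the ipa-client-install message in the post, plus 22 for the SSH test.
REQUIRED_TCP = (22, 80, 88, 389, 464)
# firewalld service -> ports; assumed mapping, covering only what this check needs.
SERVICE_PORTS = {"ssh": {"22/tcp"}, "ntp": {"123/udp"}}
# The services/ports lines of the `firewall-cmd --list-all` output quoted in the post.
SAMPLE = """\
  services: cockpit dhcpv6-client ntp ssh
  ports: 80/tcp 443/tcp 389/tcp 636/tcp 88/tcp 464/tcp 53/tcp 88/udp 464/udp 53/udp 123/udp
"""

def allowed_ports(list_all_text):
    """Collect 'port/proto' entries the zone allows from `firewall-cmd --list-all` text."""
    allowed = set()
    for line in list_all_text.splitlines():
        key, _, value = line.strip().partition(":")
        if key == "ports":
            allowed.update(value.split())
        elif key == "services":
            for service in value.split():
                allowed.update(SERVICE_PORTS.get(service, ()))
    return allowed

def missing_from_zone(list_all_text):
    """Required TCP ports that the zone does not allow."""
    allowed = allowed_ports(list_all_text)
    return [p for p in REQUIRED_TCP if f"{p}/tcp" not in allowed]

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt by how it fails."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"        # host reachable, nothing listening on the port
    except socket.timeout:
        return "timeout"        # no answer at all, typically packets dropped on the path
    except OSError as exc:
        return f"error: {exc}"  # e.g. an ICMP reject or a name-resolution failure

if __name__ == "__main__":
    print("not allowed by the zone:", missing_from_zone(SAMPLE) or "none")
    for host in sys.argv[1:]:   # hosts to test, e.g. the other server's FQDN
        for port in REQUIRED_TCP:
            print(f"{host}:{port} -> {probe(host, port)}")
```

Run it on each server with the other server's name as the argument; the zone check only covers the host whose `firewall-cmd` output is pasted in, so it needs the output from both machines.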
