Re: [ovirt-users] seria consol setup

> Le 23 mars 2016 à 12:28, Yedidyah Bar David <didi(a)redhat.com&gt; a écrit : > > On Wed, Mar 23, 2016 at 1:04 PM, Fabrice Bacchella > <fabrice.bacchella(a)orange.fr&gt; wrote: >> I'm reading the documentation here : >> http://www.ovirt.org/documentation/admin-guide/serial-console-setup/ >> >> After a few strace, I found the ssh configuration used for the custom ssh that listen on port 2222: >> /usr/share/ovirt-vmconsole/ovirt-vmconsole-proxy/ovirt-vmconsole-proxy-sshd/sshd_config >> >> And I have a big problem with it. >> It says "GSSAPIAuthentication no" but public key authentication is not allowed in my data center, we use kerberos every where. >> So I wonder if I can edit this file ? How is it managed by ovirt ? > > In general, things under /usr are only packaged, not "managed". So a > next upgrade will overwrite your changes. Ok, so I just need to take care how modifications and upgrade are done (using puppet) and everything should be fine.

> > Seems like both its systemd unit and sysv init script read > /etc/sysconfig/ovirt-vmconsole-proxy-sshd if it exists and add > ${OPTIONS} to sshd's command line. So you can try to: > > echo 'OPTIONS="-o GSSAPIAuthentication=yes"' >> > /etc/sysconfig/ovirt-vmconsole-proxy-sshd > > I tried that. It works. I now have pure kerberos only problems. But that's a good direction.