Troubleshooting:

$ sudo sss_debuglevel 8
Redirecting to /usr/sbin/sssctl debug-level

$ ssh 10.0.3.30 -vvvvvvvvv
OpenSSH_7.9p1, OpenSSL 1.1.1a FIPS 20 Nov 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 52: Including file /etc/ssh/ssh_config.d/05-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf
debug2: checking match for 'final all' host 10.0.3.30 originally 10.0.3.30
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: not matched 'final'
debug2: match not found
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 5: Including file /etc/crypto-policies/back-ends/openssh.config depth 1 (parse only)
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: [gss-gex-sha1-,gss-group14-sha1-,gss-group1-sha1-]
debug3: kex names ok: [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug1: configuration requests final Match pass
debug2: resolve_canonicalize: hostname 10.0.3.30 is address
debug1: re-parsing configuration
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 52: Including file /etc/ssh/ssh_config.d/05-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf
debug2: checking match for 'final all' host 10.0.3.30 originally 10.0.3.30
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: matched 'final'
debug2: match found
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 5: Including file /etc/crypto-policies/back-ends/openssh.config depth 1
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: [gss-gex-sha1-,gss-group14-sha1-,gss-group1-sha1-]
debug3: kex names ok: [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug1: Executing proxy command: exec /usr/bin/sss_ssh_knownhostsproxy -p 22 10.0.3.30
debug1: identity file /home/myuser/.ssh/id_rsa type -1
debug1: identity file /home/myuser/.ssh/id_rsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: identity file /home/myuser/.ssh/id_dsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ed25519 type -1
debug1: identity file /home/myuser/.ssh/id_ed25519-cert type -1
debug1: identity file /home/myuser/.ssh/id_xmss type -1
debug1: identity file /home/myuser/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: ssh_exchange_identification: 33[H33[2J33[3JSSH-2.0-OpenSSH_7.9


debug1: ssh_exchange_identification:
debug1: ssh_exchange_identification: roup-exchange-sha1,diffie-hellman-group14-sha1
debug1: ssh_exchange_identification: enssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc
debug1: ssh_exchange_identification: penssh.com,hmac-sha2-512
ssh_exchange_identification: Connection closed by remote host

$ cat sssd_ssh.log
[sssd[ssh]] [server_common_rotate_logs] (0x0010): Debug level changed to 0x37f0
[sssd[ssh]] [sbus_issue_request_done] (0x0400): sssd.service.rotateLogs: Success
[sssd[ssh]] [accept_fd_handler] (0x0400): Client connected!
[sssd[ssh]] [sss_cmd_get_version] (0x0200): Received client version [0].
[sssd[ssh]] [sss_cmd_get_version] (0x0200): Offered version [0].
[sssd[ssh]] [ssh_protocol_parse_request] (0x0400): Requested domain [<ALL>]
[sssd[ssh]] [ssh_cmd_get_host_pubkeys] (0x0400): Requesting SSH host public keys for [ipaserver.home.mydomain.com] from [<ALL>]
[sssd[ssh]] [cache_req_set_plugin] (0x2000): CR #0: Setting "Host by name" plugin
[sssd[ssh]] [cache_req_send] (0x0400): CR #0: New request 'Host by name'
[sssd[ssh]] [cache_req_process_input] (0x0400): CR #0: Parsing input name [ipaserver.home.mydomain.com]
[sssd[ssh]] [sss_domain_get_state] (0x1000): Domain home.mydomain.com is Active
[sssd[ssh]] [sss_parse_name_for_domains] (0x0200): name 'ipaserver.home.mydomain.com' matched without domain, user is ipaserver.home.mydomain.com
[sssd[ssh]] [cache_req_set_name] (0x0400): CR #0: Setting name [ipaserver.home.mydomain.com]
[sssd[ssh]] [cache_req_select_domains] (0x0400): CR #0: Performing a multi-domain search
[sssd[ssh]] [cache_req_search_domains] (0x0400): CR #0: Search will bypass the cache and check the data provider
[sssd[ssh]] [cache_req_validate_domain_type] (0x2000): Request type POSIX-only for domain implicit_files type POSIX is valid
[sssd[ssh]] [cache_req_set_domain] (0x0400): CR #0: Using domain [implicit_files]
[sssd[ssh]] [cache_req_search_send] (0x0400): CR #0: Looking up ipaserver.home.mydomain.com
[sssd[ssh]] [cache_req_search_ncache] (0x2000): CR #0: This request type does not support negative cache
[sssd[ssh]] [cache_req_search_dp] (0x0400): CR #0: Looking up [ipaserver.home.mydomain.com] in data provider
[sssd[ssh]] [cache_req_common_process_dp_reply] (0x0040): CR #0: Could not get account info [1432158215]: DP target is not configured
[sssd[ssh]] [cache_req_common_process_dp_reply] (0x0400): CR #0: Due to an error we will return cached data
[sssd[ssh]] [cache_req_search_cache] (0x0400): CR #0: Looking up [ipaserver.home.mydomain.com] in cache
[sssd[ssh]] [sysdb_search_ssh_hosts] (0x0400): No such host
[sssd[ssh]] [cache_req_search_cache] (0x0400): CR #0: Object [ipaserver.home.mydomain.com] was not found in cache
[sssd[ssh]] [cache_req_validate_domain_type] (0x2000): Request type POSIX-only for domain home.mydomain.com type POSIX is valid
[sssd[ssh]] [cache_req_set_domain] (0x0400): CR #0: Using domain [home.mydomain.com]
[sssd[ssh]] [cache_req_search_send] (0x0400): CR #0: Looking up ipaserver.home.mydomain.com
[sssd[ssh]] [cache_req_search_ncache] (0x2000): CR #0: This request type does not support negative cache
[sssd[ssh]] [cache_req_search_dp] (0x0400): CR #0: Looking up [ipaserver.home.mydomain.com] in data provider
[sssd[ssh]] [cache_req_search_cache] (0x0400): CR #0: Looking up [ipaserver.home.mydomain.com] in cache
[sssd[ssh]] [sysdb_merge_res_ts_attrs] (0x2000): TS cache doesn't handle this DN type, skipping
[sssd[ssh]] [cache_req_search_ncache_filter] (0x0400): CR #0: This request type does not support filtering result by negative cache
[sssd[ssh]] [cache_req_search_done] (0x0400): CR #0: Returning updated object [ipaserver.home.mydomain.com]
[sssd[ssh]] [cache_req_create_and_add_result] (0x0400): CR #0: Found 1 entries in domain home.mydomain.com
[sssd[ssh]] [cache_req_done] (0x0400): CR #0: Finished: Success
[sssd[ssh]] [sysdb_update_ssh_known_host_expire] (0x0400): Updating known_hosts expire time of host ipaserver.home.mydomain.com
[sssd[ssh]] [sysdb_merge_res_ts_attrs] (0x2000): TS cache doesn't handle this DN type, skipping
[sssd[ssh]] [sysdb_search_ssh_hosts] (0x0400): No such host
[sssd[ssh]] [sss_domain_get_state] (0x1000): Domain home.mydomain.com is Active
[sssd[ssh]] [sysdb_merge_res_ts_attrs] (0x2000): TS cache doesn't handle this DN type, skipping
[sssd[ssh]] [unique_filename_destructor] (0x2000): Unlinking [/var/lib/sss/pubconf/.known_hosts.5fwN98]
[sssd[ssh]] [unlink_dbg] (0x2000): File already removed: [/var/lib/sss/pubconf/.known_hosts.5fwN98]
[sssd[ssh]] [client_idle_handler] (0x2000): Terminating idle client [0x55cb9d414d30][23]
[sssd[ssh]] [client_close_fn] (0x2000): Terminated client [0x55cb9d414d30][23]


Enjoy the site? All donations are appreciated

Free Text Host is brought to you by Dagon Design
This site contains no adware, spyware, or popups
Questions? Comments?     Privacy Policy     Report abuse here