Please fill in the following information:

Issue description

In the Comprehensive Review: Configure and Manage Server Security lab, step 2.1 fails when running "ssh-copy-id student@servera".

Steps to reproduce:

[student@workstation ~]$ lab start rhcsa-compreview3

1.

Starting lab.

 · Checking lab systems ............................................................................................ SUCCESS
 · Installing sshpass on servera ................................................................................... SUCCESS
 · Installing sshpass on serverb ................................................................................... SUCCESS
 · Ensuring clean authorized_keys file on servera .................................................................. SUCCESS
 · Ensuring clean SSH keypair on serverb ........................................................................... SUCCESS
 · Backing up SELinux configuration on servera ..................................................................... SUCCESS
 · Ensuring clean SELinux Boolean setting on serverb ............................................................... SUCCESS
 · Creating the production5 user on servera ........................................................................ SUCCESS
 · Creating the production5 user on serverb ........................................................................ SUCCESS
 · Exporting /user-homes/production5 from servera .................................................................. SUCCESS
 · Ensuring clean firewall settings on serverb ..................................................................... SUCCESS
 · Configuring Apache HTTPD on serverb ............................................................................. SUCCESS
 · Ensuring no SELinux context for 30080/tcp on serverb ............................................................ SUCCESS

[student@workstation ~]$ ssh student@serverb
Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Mon Jul  1 09:10:28 2024
[student@serverb ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/student/.ssh/id_rsa):
Created directory '/home/student/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/student/.ssh/id_rsa
Your public key has been saved in /home/student/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:6FplTSqK9jOMPs9ScDm4aeJyCzvFEF791YGGu2mQpAs student@serverb.lab.example.com
The key's randomart image is:
--[RSA 3072]---
|    .   . o..    |
|.  . o . + .     |
|....o.o + .      |
|.Eo.+o + +       |
| o.=..+ S .      |
|. *o.o B         |
|o+o+. +          |
|o==o+o           |
|o+o==o           |
---[SHA256]----
[student@serverb ~]$ ssh-copy-id student@servera
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
The authenticity of host 'servera (172.25.250.10)' can't be established.
ED25519 key fingerprint is SHA256:eR1mARtxPj4wq/zHRxALgu6SJfvb7UN5nfSMhMl4+Hc.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
student@servera: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[student@serverb ~]$ ssh-copy-id student@servera
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/student/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
student@servera: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[student@serverb ~]$

Workaround:

Expected result:

Number of key(s) added: 1
Now try logging in to the machine, with: "ssh 'student@servera'"
and check to make sure that only the key(s) you wanted were added.