From: Matt Clausen (mclausen@csit.fsu.edu)
Date: Thu Feb 19 2004 - 16:46:35 EST
I'm really stumped with trying to get my Solaris server acting as a
client to our MIT KerberosV KDC which is running on a Solaris 8 server.
I have linux clients which can authenticate perfectly to the KDC upon
logging in via OpenSSH. So I know the interactions with the KDC are
working. The problem occurs when Solaris enters the picture....
On the machine, I can kinit as a principal and receive a ticket. I can
klist and kdestroy that ticket as well. These are with the SEAM client
that comes as part of Solaris 8 and 9. So I know that the machine can
communicate with the KDC and receive tickets. The problem is with the
PAM module and PAM in general.
I've tried this with the stock Solaris 9 pam_krb5 module (and the
respective lines out of pam.conf uncommented) and it didnt work. So I
downloaded the pam_krb5 module from the SourceForge project. This didnt
work either, so I'm really stumped.
If anyone is using KerberosV and specifically a MIT KDC, can you drop me
a line and tell me what you did as far as getting PAM to work with
OpenSSH logins? I dont care about rlogin, dtlogin, or anything like that
because these machines are used as computational servers where users
login via SSH.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:28:06 EDT