Michael B Allen <[EMAIL PROTECTED]> wrote: > On Thu, 3 May 2007 20:31:55 -0500 > "Christopher D. Clausen" <[EMAIL PROTECTED]> wrote: >> Try creating a ~/.k5login file in the home directory of >> the user you are logging in as listing authorized Kerberos >> principals, one per line. > > That was it! SSH now works cross realm. I was clueless about .k5login.
You can use an auth_to_local rule in krb5.conf instead. Search this list for a post a few weeks back for some to try. > Now I wonder what smbclient's problem is with the bad echo'd > signatures. Wheres Andrew Bartlett when you need him ... After I broke AD.UIUC.EDU (yes, campus wide) several years ago using samba, I haven't touched it. But I suspect that is a question for a samba list. I assume you have looked at the KDC logs and possible some network traces to try and figure out what is going on? > Mmm, UIUC. I have droves of family in Champaign. I don't. Thats why I moved here :-) <<CDC ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos