Make sure you are using the pam module. Here's the /etc/security/pam_unix2.conf file on all my suse systems:
auth: call_modules=krb5afs nullok account: use_ldap call_modules=krb5afs password: call_modules=krb5afs nullok session: none
This is my pam_unix2.conf:
auth: call_modules=krb5afs account: call_modules=krb5afs password: call_modules=krb5afs session: call_modules=krb5afs
I don't use use_ldap in pam_unix2 since I have nsswitch.conf set up for password, group and shadow to ``files ldap''.
You may not have LDAP installed on your systems though, so the main thing you're after is the krb5afs entries. I am using the stock OpenSSH and OpenAFS on all my SuSE boxes and everything works fine, no patches needed.
Don't see the important difference between me and you... in both cases we use krb5afs except nullok, which should be ininfluent... I think...
-- Sensei <mailto:[EMAIL PROTECTED]> <pgp:8998A2DB> <icqnum:241572242> <yahoo!:sensei_sen> <msn-id:[EMAIL PROTECTED]>
signature.asc
Description: OpenPGP digital signature
