Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

I have now successfully tested sasl-sample-client sasl-sample-server (and imtest) with GSSAPI authentication. Once my kerberos config files were corrected, everything worked. The error messages could certainly have been more helpful, but I know of no reason why this bug should not be closed

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

While constructing a reply to your message, I believe I have found the error. I had the wrong hostname for the kdc in the [realms] section of /etc/krb5.conf. I'm a bit confused about why I was able to get tickets at all with kinit, but now both the kerberos clients and

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

On Mon, Dec 18, 2006 at 12:00:41AM -0500, Sam Hartman wrote: Interesting. Do you end up getting tickets for the host service or just a tgt? After sasl-sample-client exits, I still only have a tgt. Is any error logged on the Kerberos KDC? None that I see, but I might be looking in the wrong

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

Interesting. Do you end up getting tickets for the host service or just a tgt? Is any error logged on the Kerberos KDC? Does the sasl sample pass the hostname into the sasl library? Many mechanisms such as digest-md5 and cram-md5 will mostly work without a hostname passed in, but gssapi

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

severity 402844 normal tags 402844 moreinfo thanks Sam: any chance you could send your configuration to this bug? Specifically, the following files: /etc/krb5.conf /etc/cyrus.conf /etc/imapd.conf /etc/default/saslauthd (unless you use an auxprop mechanism, of course) Michael: On Thu,

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

On Sat, Dec 16, 2006 at 10:34:53AM +0200, Fabian Fagerholm wrote: One thing which sticks out to me is that you have sasl_pwcheck_method: saslauthd in /etc/imapd.conf, but then you have MECHANISMS=pam in /etc/default/saslauthd. I'm not too familiar with GSSAPI, but it seems to

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

Michael, Thanks for your report! On Tue, 2006-12-12 at 18:58 -0500, Michael Richters wrote: GSSAPI authentication does not appear to work for the SASL sample client and server. Of course, it is possible that I'm not doing something wrong, given the lack of examples in the documentation. The

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

On Thu, Dec 14, 2006 at 08:23:58AM +0200, Fabian Fagerholm wrote: Could you please try the following: On the client: $ kinit $ sasl-sample-client -m gssapi -n geomancer.nutwerk.org On the server: $ sasl-sample-server Then manually copy and paste the server output (the whole line,

Bug#402844: libsasl2-modules-gssapi-mit: sasl-sample-client/sasl-sample-server authentication fails with GSSAPI mechanism

Package: libsasl2-modules-gssapi-mit Version: 2.1.22.dfsg1-7 Severity: important GSSAPI authentication does not appear to work for the SASL sample client and server. Of course, it is possible that I'm not doing something wrong, given the lack of examples in the documentation. Here's a