Re: Pam kerberos vs. Kinit

2005-03-22 Thread Luis Daniel Lucio Quiroz
Ah, OK, I understand. Thanks. LD On Monday 21 March 2005 10:05, Douglas E. Engert wrote: Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos

Re: Pam kerberos vs. Kinit

2005-03-21 Thread Douglas E. Engert
Luis Daniel Lucio Quiroz wrote: Yes, but you need 2 realms You mean two principals? host/[EMAIL PROTECTED] for the server and ssh/[EMAIL PROTECTED] for service, I ask you if it is ssh or sshd or what No, SSH uses host/[EMAIL PROTECTED] the host principal represents the services which allow a

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Luis Daniel Lucio Quiroz
Yes, but you need 2 realms host/[EMAIL PROTECTED] for the server and ssh/[EMAIL PROTECTED] for service, I ask you if it is ssh or sshd or what LD On Friday 18 March 2005 17:02, Douglas E. Engert wrote: > Luis Daniel Lucio Quiroz wrote: > > btw, what realm does openssh look for > > > > s

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Douglas E. Engert
Luis Daniel Lucio Quiroz wrote: btw, what realm does openssh look for ssh/[EMAIL PROTECTED] No host/[EMAIL PROTECTED] ?? On Friday 18 March 2005 14:25, Douglas E. Engert wrote: Ethan Bearman wrote: You're right - it was right on the cutover - if I add enough groups to the account, I cannot lo

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Luis Daniel Lucio Quiroz
btw, what realm does openssh look for ssh/[EMAIL PROTECTED] ?? On Friday 18 March 2005 14:25, Douglas E. Engert wrote: > Ethan Bearman wrote: > > You're right - it was right on the cutover - if I add enough groups to > > the account, I cannot login via ssh with it, nor can I use kinit. > > > >

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Douglas E. Engert
Ethan Bearman wrote: You're right - it was right on the cutover - if I add enough groups to the account, I cannot login via ssh with it, nor can I use kinit. I have had success - finally - getting krb5-1.4 to compile. But does it run? Can you use the 1.4.0 kinit? I had some problems with this

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Ethan Bearman
You're right - it was right on the cutover - if I add enough groups to the account, I cannot login via ssh with it, nor can I use kinit. I have had success - finally - getting krb5-1.4 to compile. How do I get source code to compile a pam kerberos library based on kerberos 1.3.5 or later? Than

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Douglas E. Engert
Luis Daniel Lucio Quiroz wrote: The problem I see on using pam krb is that ticket is on server not on workstation. Maybe you could use flag addressless to fix this issue. but I am not sure. No. The problem as I understand it, is that on the same machine doing a kinit vs using the pam_krb5 giv

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Luis Daniel Lucio Quiroz
The problem I see on using pam krb is that ticket is on server not on workstation. Maybe you could use flag addressless to fix this issue. but I am not sure. LD On Friday 18 March 2005 07:10, Wyllys Ingersoll wrote: > Douglas E. Engert wrote: > > > I've just run another test and discovere

Re: Pam kerberos vs. Kinit

2005-03-18 Thread Wyllys Ingersoll
Douglas E. Engert wrote: > > I've just run another test and discovered that I can successfully > log into the host initially (via PAM kerberos library and SSH), and > I don't get error 52. I've got a ticket in my cache and > everything. Kerb error 52 only occurs if I'm using kinit from the > shell.

Re: Pam kerberos vs. Kinit

2005-03-17 Thread Douglas E. Engert
Ethan Bearman wrote: At 07:14 AM 3/17/2005, you wrote: Ethan Bearman wrote: I'm getting kerberos error 52 when I try to kinit from hp-ux (11.0 running on 9000 series system) to our Windows 2003 AD domain. It works for certain admin accounts that have few group memberships, but not for regular

Pam kerberos vs. Kinit

2005-03-17 Thread Ethan Bearman
At 07:14 AM 3/17/2005, you wrote: Ethan Bearman wrote: I'm getting kerberos error 52 when I try to kinit from hp-ux (11.0 running on 9000 series system) to our Windows 2003 AD domain. It works for certain admin accounts that have few group memberships, but not for regular users. I understand t