The kerberos server admins have to add you a host key, they then give
you that key and you put it in a keytab file on your client. I.e. they
a "kadmin addprinc -pw somepassword host/[EMAIL PROTECTED]"
and give you the result to put in a keytab file.
Doing this ensures you can ask
Original message
>Date: Tue, 24 Oct 2006 15:50:58 -0500 (CDT)
>From: Jacob Yocom-Piatt <[EMAIL PROTECTED]>
>Subject: Re: krb5 login help
>To: misc@openbsd.org
>
>>The next problem is that I don't control the server (I'm trying to
>>auth
Original message
>Date: Tue, 24 Oct 2006 13:28:20 -0700
>From: "Donald J. Ankney" <[EMAIL PROTECTED]>
>Subject: Re: krb5 login help
>To: Bob Beck <[EMAIL PROTECTED]>
>Cc: misc@openbsd.org
>
>On Oct 24, 2006, at 12:29 PM, Bob Beck wrote:
On Oct 24, 2006, at 12:29 PM, Bob Beck wrote:
Did you give the wee beastie a host key on your kerberos server?
both ssh and /bin/login will attempt to verify a host key against
the server so that your kerberos server isn't getting spoofed.
I think this is the place where I'm running
> I'm trying to configure 3.9 to authenticate against a Kerberos 5
> realm. Kerberos is correctly configured (I can get a ticket via
> kinit). I've created a new user class and assigned krb5-or-pwd
> authentication (relevant portion of login.conf is below). I assigned
> a user to the class
On Tue, 2006-10-24 at 09:22 -0700, Donald J. Ankney wrote:
> I assume I'm missing a step here, but can't find any documentation or
> hints as to what that might be. I'd appreciate any links or
> suggestions on man pages that I should read.
what does your logs say? is your Kerberos server in DNS?
On 10/24/06, Donald J. Ankney <[EMAIL PROTECTED]> wrote:
I've been searching mailing lists, man pages, and google with no good
results, so I'm here to ask for a little nudge in the right direction.
Did you turn on kerberos in sshd_config?
--
GDB has a 'break' feature; why doesn't it have 'fix'
7 matches
Mail list logo
