ssh problems

Matias C. Szmulewiez matiassz at uolsinectis.com.ar
Mon Jun 3 13:16:30 EDT 2002


 Hi,

 I try to configure sshd (OpenSSH_3.0.2p1 Debian 3.0.2p1-7) with krb5
(krb5-1.2.5), and I can't get it to work properly,

 in the sshd_config:
# To change Kerberos options
KerberosAuthentication yes
KerberosOrLocalPasswd no
#AFSTokenPassing no
KerberosTicketCleanup yes
# Kerberos TGT Passing does only work with the AFS kaserver or krb5
KerberosTgtPassing yes
#GSSAPI authentication
GSSAPIAuthentication yes
GSSAPIKeyExchange yes
GSSAPIUseSessionCredCache yes

in the ssh_config:
KerberosAuthentication yes
KerberosTGTPassing yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no

I can logon in the KDC as a principals (kinit matias), but when I try to
connect
to the host matias.hq.foobar.org:

 in the KDC log file:

Jun 03 00:19:15 ids krb5kdc[1239](info): TGS_REQ (3 etypes {16 3 1})
172.0.0.12(88): ISSUE: authtime 1023074345, etypes {rep=16 tkt=16 ses=16},
matias at FOOBAR.ORG for host/matias.hq.foobar.org at FOOBAR.ORG

and... doesn't auth with kdc, it asks me for the local passwd.

any idea??? Please help me!!
Regards,


 Matias.





More information about the Kerberos mailing list