kerberos, ssh, and solaris8

Suchun Wu suchun18 at rogers.com
Sat May 11 07:06:17 EDT 2002


Yes. I applied the patches posted on openssh web page. I believe Jason's
comments (after your posting) are correct. He probably has the same problem.
I'll apply his patch and let you know the result.

Thanks,

Suchun

----- Original Message -----
From: "Austin Gonyou" <austin at coremetrics.com>
To: "Suchun Wu" <suchun18 at rogers.com>
Cc: <kerberos at mit.edu>
Sent: Friday, May 10, 2002 12:42 PM
Subject: Re: kerberos, ssh, and solaris8

Just curious, but do you have the latest recommended patch set?(from May
06 2002) There are several PAM and KRB libs replaced in the latest patch
set.

On Thu, 2002-05-09 at 21:07, Suchun Wu wrote:
> It seems no luck for me to find a fix for the problem. I have talked
> Sun support guys. They don't think it is their problem. Anyway, I
> did not use the Solaris kerberos. I compiled with MIT Kerberos
> 5.1.2.4.
> I really would like to learn from  anyone who has successfully set
> up SSO solution with Kerberos, SSH, and Solaris pam.
>
> Thanks,
>
> Suchun
>
> From: sxw at dcs.ed.ac.uk (Simon Wilkinson)
> Message-ID: <abf1fu$mam$1 at scotsman.ed.ac.uk>
> To: kerberos at mit.edu
> Errors-To: kerberos-admin at mit.edu
> Date: Thu, 9 May 2002 23:41:50 +0000 (UTC)
>
> Sam Hartman (hartmans at mit.edu) wrote:
> : This cannot be a Kerberos bug; the ssh patches are responsible for
> : ccache permissions.
>
> I suspect, from previous posts on this subject, that its an problem
> with the interaction between OpenSSH and the Solaris pam_krb5
> module.
> If the original poster isn't using PAM for password authentication,
> I'll investigate further.
>
> Cheers,
>
> Simon.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com

"One ought never to turn one's back on a threatened danger and
try to run away from it. If you do that, you will double the danger.
But if you meet it promptly and without flinching, you will
reduce the danger by half."
Sir Winston Churchill




More information about the Kerberos mailing list