Problem compiling pam_krb5 on Solaris 8

Parag Godkar paragg at konark.ncst.ernet.in
Tue Nov 19 04:54:31 EST 2002 

> The utility "ktutil" does not demendent on creation of pam_krb5 process.
It
> comes from MIT Kerberos suite.
> To find out if "ktutil" is right covered by another shared libraries, try:
> ldd /usr/kerberos/bin/ktutil
>

Many Thanks for the pointer. That really helped.
Everything appears to be working fine. I can "telnet"
as well as "ssh" to my Solaris Server with my kerberos
passwords.

Now, Josef I am free to help you solve your problems
on Solaris with kerberos.
I am not an expert when it comes to Solaris but you can
put questions to me and extract info from me.

Basically in our setup, Windows 2000 advanced servers
act as Kerberos Servers and the Red Hat Linux servers
& Solaris Servers act as Kerberos Clients.
So people doing telnet or ssh to linux or solaris servers
get authenticated from windows 2000 server.  Thus they
have to remember only one password for their windows
login as well as for unix.

This is how I did my work on Solaris -

The pam_krb5 from Solaris was not
compatible with ssh and compiling new pam_krb5
from www.sourceforge.net required MIT kerberos.

So I obtained MIT kerberos - krb5-1.2.6 from
http://www.crypto-publish.org/mit-kerberos5/
And I compiled it as follows -
( Mr. Sam Hartman from this mailing list was helpful to me in this. )
./configure --without-krb4
                 --without-tcl
                 --prefix=/usr/kerberos
                 --enable-shared
                 --enable-profiled
                 --with-cc=/usr/local/bin/gcc

I obtained pam_krb5 via CVS from sourceforge.net
as follows -

cvs -d:pserver:anonymous at cvs.pam.sourceforge.net:/cvsroot/pam login
  -- pressed ENTER when prompted for password.
cvs -z3 -d:pserver:anonymous at cvs.pam.sourceforge.net:/cvsroot/pam co
 pam_krb5

I compiled it as follows -
( Needless to say you - Mr. Josef have been most helpful here )
./configure --with-krb5=/usr/kerberos
                 --prefix=/usr/pam_krb5
                 --with-pamdir=/usr/pam_krb5/lib/security

The Openssh server running on my Solaris Server is
openssh-3.4pl obtained from www.sunfreeware.com
and installed as a package using pkgadd -d openssh-3.*

That's basically my config for Solaris 8.

Regards,
Parag Godkar

 ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
>

More information about the Kerberos mailing list