Problem using pam_krb5 + sshd on Solaris
Josef Kelbler
kelbler at vumscomp.cz
Tue Nov 19 10:33:18 EST 2002
Hi colleagues,
I have problem with pam_krb5 on Solaris with sshd using PAM subsystem.
I have 2 instalation MIT Kerberos 5-1.2.6 on Solaris 8 and 9 in default
locations /usr/local.
Both Kerberos suites work.
I installed pam_krb5 from sourceforge.net and built
/usr/lib/security/pam_krb5.so.1
Before "make" I set environment variable: LD_RUN_PATH=/usr/local.
And therefore pam_krb5.so.1 obtained fixed pathes to another shared
libraries.
(Without this I had got problems wit telnetd + PAM).
Now telnetd + PAM works well.
With sshd problems continues.
Part of pam.conf (telnet and sshd had for testing only these rows) is:
telnet auth required pam_krb5.so.1 # it works
sshd auth required pam_krb5.so.1 # it does not work
In /var/adm/messages log there is for that event:
luna sshd[3009]: [ID 800047 auth.crit] fatal:
PAM setcred failed[3]: Error in underlying service module
HOWEVER in KDC log (on another computer) there where 2 records:
Successful requests for TGT and Ticket for
host/<tested_Solaris_name><REALM>.
It means that pam_krb5 had obtained 2 tickets and in the end something
occured wrong.
Please, does enybody have any ideas?
Thanks
Josef Kelbler
More information about the Kerberos
mailing list