MIT K5 - AFS - Pam login problem
Andrew Bacchi
bacchi at rpi.edu
Wed May 5 11:10:05 EDT 2004
I had this almost working last week, and then tried tweaking. Should
have left well enough alone.
I am not getting afs@ tickets from my K5 server, although afs tokens do
show up in the K4 klist. It seems the tgt is being rejected by the
kernel. It might be a Pam issue, or not. Any ideas?
Also, is the RedHat /bin/login a kerberized login, I'm guessing it is,
or do I need to symlink to login.krb5? Thanks.
Syslog reports:
alphecca sshd[11638]: pam_krb5afs: Got 110 extra bytes in v4 TGT
And the console reports this weired message:
afs: Tokens for user of AFS id XXXX for cell web.rpi.edu are discarded
(rxkad error=19270408)
klist is:
Default principal: sam at WEB.RPI.EDU
Valid starting Expires Service principal
05/05/04 10:53:19 05/05/04 20:53:20 krbtgt/WEB.RPI.EDU at WEB.RPI.EDU
renew until 05/05/04 10:53:19
Kerberos 4 ticket cache: /tmp/tkt65542_NNljHg
Principal: sam at WEB.RPI.EDU
Issued Expires Principal
05/05/04 10:53:20 05/05/04 20:53:20 krbtgt.WEB.RPI.EDU at WEB.RPI.EDU
05/05/04 10:53:21 05/05/04 20:53:21 afs at WEB.RPI.EDU
--
Facade: Provide a unified interface to a set of interfaces in a
subsystem.
Andrew Bacchi
Staff Systems Programmer
Rensselaer Polytechnic Institute
phone: 518 276-6415 fax: 518 276-2809
http://www.rpi.edu/~bacchi/
More information about the Kerberos
mailing list