Kerberos Digest, Vol 26, Issue 29

Henry B.Hotz hbhotz at oxy.edu
Fri Feb 25 19:22:13 EST 2005


On Feb 25, 2005, at 9:03 AM, kerberos-request at mit.edu wrote:

> Date: Fri, 25 Feb 2005 15:20:33 +0200
> From: Priit Randla <priit.randla at eyp.ee>
> To: "Douglas E. Engert" <deengert at anl.gov>
> Cc: kerberos at mit.edu
> Subject: Re: MIT + Heimdal + openssh == cross realm difficulties
> Message-ID: <421F2621.1080703 at eyp.ee>
> In-Reply-To: <42079922.6050808 at anl.gov>
> References: <42009547.9070706 at eyp.ee> <4200D640.8060504 at anl.gov>
> 	<42039F72.3050004 at eyp.ee><42079922.6050808 at anl.gov>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Precedence: list
> Message: 4


> Currently 'almost' all seems to work as expected - I'm so far unable to
> get openssh with pam on Heimdal to save obtained TGT with flags intact  
> - TGT gets written but without  any flags. I think its got something  
> to do with SuSe as doing openssh the other way (from SuSe (heimdal))  
> to RedHat(mit)) tgt gets saved with
> all required flags intact.
>
> Regards,
> Priit

You may need:
[libdefaults]
		fcc-mit-ticketflags = true

on the Heimdal 0.6.3 side if you are mixing Heimdal and MIT/Sun.  This  
is default for Heimdal 0.7 snapshots now.  Not sure how far back the  
option is available.
------------------------------------------------------------------------ 
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu



More information about the Kerberos mailing list