Kerberos Digest, Vol 26, Issue 29
Henry B.Hotz
hbhotz at oxy.edu
Fri Feb 25 19:22:13 EST 2005
On Feb 25, 2005, at 9:03 AM, kerberos-request at mit.edu wrote:
> Date: Fri, 25 Feb 2005 15:20:33 +0200
> From: Priit Randla <priit.randla at eyp.ee>
> To: "Douglas E. Engert" <deengert at anl.gov>
> Cc: kerberos at mit.edu
> Subject: Re: MIT + Heimdal + openssh == cross realm difficulties
> Message-ID: <421F2621.1080703 at eyp.ee>
> In-Reply-To: <42079922.6050808 at anl.gov>
> References: <42009547.9070706 at eyp.ee> <4200D640.8060504 at anl.gov>
> <42039F72.3050004 at eyp.ee><42079922.6050808 at anl.gov>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Precedence: list
> Message: 4
> Currently 'almost' all seems to work as expected - I'm so far unable to
> get openssh with pam on Heimdal to save obtained TGT with flags intact
> - TGT gets written but without any flags. I think its got something
> to do with SuSe as doing openssh the other way (from SuSe (heimdal))
> to RedHat(mit)) tgt gets saved with
> all required flags intact.
>
> Regards,
> Priit
You may need:
[libdefaults]
fcc-mit-ticketflags = true
on the Heimdal 0.6.3 side if you are mixing Heimdal and MIT/Sun. This
is default for Heimdal 0.7 snapshots now. Not sure how far back the
option is available.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the Kerberos
mailing list