SSH and Kerberos in Solaris 9
henrik
henrik at stat.tamu.edu
Wed Oct 26 12:06:09 EDT 2005
Hello
I have kerberos working on a Solaris 9 box in the sense that if I type:
kinit henrik
the system authenticates the password without error. I need to get ssh
to accept the kerberos authentication. In Linux it was easy to do, but
I am having trouble configuring the Solaris /etc/pam.conf file to make
this work. Uncommenting this section:
#
# Support for Kerberos V5 authentication (uncomment to use Kerberos)
#
rlogin auth optional pam_krb5.so.1 try_first_pass
login auth optional pam_krb5.so.1 try_first_pass
other auth optional pam_krb5.so.1 try_first_pass
cron account optional pam_krb5.so.1
other account optional pam_krb5.so.1
other session optional pam_krb5.so.1
other password optional pam_krb5.so.1 try_first_pass
does not make ssh accept kerberos passwords for ssh logins. As a test I
enabled telnet and with telnet things fail as well:
login: henrik
Password:
Enter Kerberos password for henrik:
authentication failed: Unknown code 2
On the login prompt the kerberos password is accepted, but then it
requests it again and the same password fails. I really am not
interested in getting telnet to work, it was just for diagnosis I tried
it.
Any help would be appreciated.
- Henrik
More information about the Kerberos
mailing list