Kerberized ssh only works on KDC
Andrew Bovill
abovill at gmail.com
Sat Nov 4 16:00:35 EST 2006
On Sat, 04 Nov 2006 12:04:13 -0800, Russ Allbery wrote:
> Andrew Bovill <abovill at gmail.com> writes:
>
>> when I go to connect to other machines on the network, that are NOT
>> KDCs, (but can use kinit just fine), I get the following log from sshd:
>
>> --nonKDC sshd--
>> noodles:~# sshd -dD -p2222
>> debug1: sshd version OpenSSH_3.8.1p1 Debian-krb5 3.8.1p1-10
>> debug1: read PEM private key done: type RSA
>> debug1: private host key: #0 type 1 RSA
>> debug1: read PEM private key done: type DSA
>> debug1: private host key: #1 type 2 DSA
>> debug1: Bind to port 2222 on 0.0.0.0.
>> Server listening on 0.0.0.0 port 2222.
>> socket: Address family not supported by protocol
>> debug1: Server will not fork when running in debugging mode.
>> Connection from 192.168.183.2 port 35952
>> debug1: Client protocol version 2.0; client software version OpenSSH_4.3
>> debug1: match: OpenSSH_4.3 pat OpenSSH*
>> debug1: Enabling compatibility mode for protocol 2.0
>> debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian-krb5 3.8.1p1-10
>> debug1: list_hostkey_types: ssh-rsa,ssh-dss
>> debug1: Miscellaneous failure
>> No such file or directory
>
>> debug1: no credentials for GSSAPI mechanism Kerberos
>> debug1: Miscellaneous failure
>> No such file or directory
>
>> debug1: no credentials for GSSAPI mechanism Kerberos
>
> Do those other systems have a keytab in /etc/krb5.keytab?
Thanks! With your suggestion I was able to modify my search on google, found exactly what I needed!
It works perfectly now. I really appreciate it
More information about the Kerberos
mailing list