Need help on GSSFTP

tetsu.soh@nts.ricoh.co.jp tetsu.soh at nts.ricoh.co.jp
Tue Sep 18 03:24:33 EDT 2007


Hello everyone,
I am a newbie to Kerberos and also to Linux. So please forgive me for my
ignorance.

I met a problem when i try to use gssftp distributed with krb5-1.6.2.

I'm using ubuntu7.04, and I set up KDC and ftp server both on a same linux
box.

My problem is that I succeeded on authentication, but failed on
authorization.

Here is the system output:

Connected to ftp.test.com.
220 tetsu-ubuntu FTP server (Version 5.60) ready.
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI authentication succeeded
Name (ftp.test.com:tetsu):
530 GSSAPI user root/admin at TEST.COM is not authorized as tetsu; Access
denied.
Login failed.

I have no idea on how to configure where gssftp to authorize to.
I had setup a LDAP server and use it as back-end kerberos database.
However, I found
that it has little effect with the gssftp. Whether or not I setup the LDAP
server, always
got the same error message as shown above.

I did man ftpd and googled, but found little. So I hope I can get some
advice here.

Thanks in advance.




More information about the Kerberos mailing list