Need help on GSSFTP
Douglas E. Engert
deengert at anl.gov
Wed Sep 19 10:11:10 EDT 2007
tetsu.soh at nts.ricoh.co.jp wrote:
> 530 GSSAPI user root/admin at TEST.COM is not authorized as tetsu; Access
> denied.
> Login failed.
>
>
As Markus pointed out you need a .k5login
But root does not normally have a Kerberos principal, as root
is more machine specific with each machine having root but root
on one is not related to root on another.
Most Kerberos commands will let you use different local username
and kerberos principals. like ssh with gssapi, ssh -l username host
will use your kerberos tickets with your principal th login
to host with the username. In this case the ~username/.k5login
should contain a line with your principal. Think of the .k5login
as the ACL for access to the account.
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list