Problem with kreberos auth to linux machine (user/pass from AD)
Russ Allbery
rra at stanford.edu
Mon Aug 13 20:57:35 EDT 2012
George <george.m at wp.pl> writes:
> Aug 14 01:58:15 ubuntu32 sshd[15831]: pam_krb5(sshd:auth): (user
> testuser) krb5_get_init_creds_password: Clock skew too great
Check the client system clock? Kerberos uses timestamps fairly heavily as
part of its protocol, and if the time on the server and the client differs
by too much, everything stops working.
In general, you probably want to be running ntpd or some equivalent on any
host that's involved in Kerberos.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list