Debugging why KRB5_KTNAME isn't working
jochen at jochen.org
Thu Jan 27 14:31:25 EST 2022
Greg Hudson <ghudson at mit.edu> writes:
> Of course, the program itself can provide configuration for the keytab
> file. I couldn't find any gss_ or krb5_ calls in the Postfix source
> code (looking at Viktor Dukhovni's git mirror), so I don't have any
> immediate insight as to whether that's currently possible or what would
> need to change.
I once configured postfix to uses sasl:
main.cf:83:smtpd_sasl_auth_enable = yes
And in /etc/postfix/sasl/smtpd.conf:
pwcheck_method: auxprop saslauthd
mech_list: plain login gssapi
That at least worked some time ago...
This space is intentionally left blank.
More information about the Kerberos