Solaris ssh pam krb "bad encryption type"
Jeffrey Hutzelman
jhutz at cmu.edu
Tue Mar 28 18:12:04 EST 2006
On Tuesday, March 28, 2006 09:28:00 PM +0000 Fletcher Cocquyt
<fcocquyt at stanford.edu> wrote:
> Can anyone advise how to proceed - whether Sun's pam_krb will work, or
> how to get a pam_krb working from RedHat's source rpms?
1. Get simpler things to work first, like using PAM for login or su.
2. Then get Sun's ssh to work. While it is possible to make OpenSSH do
PAM almost-correctly, you are in for a certain amount of pain. Sun
has already done all of this for you and then some.
3. Then, if you're concerned Sun won't keep things up to date, build your
own. Personally, unless you have particular reasons for needing to
do otherwise, I'd recommend sticking with Sun's ssh.
FWIW, a year or so ago I was strongly considering pulling Sun's ssh out of
OpenSolaris and building it for our other platforms, rather than using
stock OpenSSH. I probably would have had to do a certain amount of porting
work, but it still would have saved me a lot of time and effort.
Unfortunately, there were some issues related to the OpenSolaris rollout
which meant we couldn't get the code in time.
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA
More information about the krbdev
mailing list