Timm Essigke <[EMAIL PROTECTED]> writes: > Package: ssh-krb5 > Version: 3.8.1p1-7 > Severity: normal
> Password login fails, if .k5login is present. If it .k5login is renamed, > it works again (I made sure that the file is world readable). I would > like certain users to access the account via .k5login, but have a > password login for myself also from non-kerberized hosts (laptop). > In the following examples I run [EMAIL PROTECTED] 142 (~): ssh -vvv > [EMAIL PROTECTED], but same is true for remote logins. > Sorry for the lengthy report, but I am not sure if it is a configuration > mistake or a bug... With the stock Kerberos v5 libraries, the last that I checked (which admittedly was some time ago), various things interact so that password authentication is only checked against the first listed principal in .k5login. Could you try putting your principal first in that file and see if that resolves the problem? (I'm not sure if that's subsequently been fixed in K5, but if not, it would explain this.) -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
