On Thu, Nov 25, 2010 at 11:55:16AM -0500, Sam Hartman wrote:
> Is the default realm on your ssh server set to the realm in which it has
> its host keys?

Yes.

> Do things change if you add a domain_realm entry to your ssh server
> mapping it into the realm where its key exists?

Good catch! Yes. The error message changes slightly:

It is now:

Nov 25 18:18:48 someserver sshd[1960]: debug1: Unspecified GSS failure.  Minor 
code may provide more information\nWrong principal in request\n
Nov 25 18:18:48 someserver sshd[1960]: debug1: Got no client credentials

One detail I probably forgot to add is that invoking kinit on the ssh
server (after authenticating in a different manner) works fine.

Helmut



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to