> I'm trying to configure 3.9 to authenticate against a Kerberos 5 > realm. Kerberos is correctly configured (I can get a ticket via > kinit). I've created a new user class and assigned krb5-or-pwd > authentication (relevant portion of login.conf is below). I assigned > a user to the class and attempted to login as that user. It would > accept neither the kerberos nor local password (tried both through > ssh and the local console).
Did you give the wee beastie a host key on your kerberos server? both ssh and /bin/login will attempt to verify a host key against the server so that your kerberos server isn't getting spoofed. For example, one of mine looks like: # ktutil list FILE:/etc/kerberosV/krb5.keytab: Vno Type Principal 1 des-cbc-crc host/[EMAIL PROTECTED] so you need to (on your kerb server) ensure you have a host/[EMAIL PROTECTED] key with the corresponding key in the keytab entry on your client machine -Bob