On 2/27/07, RJ45 <[EMAIL PROTECTED]> wrote:
actually i just need ssh kerberos authentication
but the problem is that using ssh kerberos authentication I got an error
upon autghentication
Feb 26 21:42:54 bastionbox1 krb5: verify: Server not found in Kerberos
database
Feb 26 21:42:54 bastionbox1 sshd[15347]: Failed password for riccardo from
::1 port 43768 ssh2
I configured sshd_config properly and i also changed setting to login.conf
so that user are authenticated with krb5
but I ahve this error and I am unable to authenticate using sshd as I
wanted to do.
but if I just enter the system with local password and the after I
authenticate I succesfully can authenticate and have my ticket
so I get stuck by the error I reported above and I am unable to
authenticate ssh kerberos
What style of kerberos authentication are you attempting? Do you want
to make the password you use to authenticate with the one that you use
to get your TGT issued, or do you want to use GSSAPI authentication
to perform full-on ticket-based credentialing? Both are possible.
At any rate, your above error "Server not found in Kerberos database"
suggests that you've sent a request to get a ticket for your server
and that server doesn't yet exist in the kerberos database. The
principal for the server should be in the form of it's FQDN and they
key should live at /etc/kerberosV/krb5.keytab on the server when
exported.
DS
