> But with latest openssh on etch I´ve got the problem that I don´t obtain > a token while logging in via SSH from putty or a PC without gssapi.
Make sure you're not using RSA/DSA keys to log in. There is no way to
obtain a ticket and a token when you never tell ssh/pam your password. We
have the exact same setup (etch, Heimdal, pam_afs2 and GSSAPI
authentication), where everything works exactly as supposed. The only
problem is that occassionally sshd seems to loose its ticket/keytab. To
work around this, all the sshd's restart every night. I'm not quite sure
what happens, actually. The symptom is that GSSAPI logins cease
functioning. I guess it's caused by sshd having lost its ticket somehow.
Perhaps it expires? I haven't figured out what happens, though: been in
too much of a hurry each time I've noticed this (and it's only been a few
times per machine in half a year).
-Juha
--
-----------------------------------------------
| Juha Jäykkä, [EMAIL PROTECTED] |
| home: http://www.utu.fi/~juolja/ |
-----------------------------------------------
signature.asc
Description: PGP signature
