Hi, I solved my ssh GSSAPI problem. There were a lot of solutions on google referring to a proper fqdn in the /etc/hosts file and having the fqdn's/principals in the kerberos server's keytab file but I found out that my problem was that the samba4/kerberos server was running on a multi-homed machine and that the ssh server kerberos authentication needed the following parameter in order for it to work on multi-homed machines:
GSSAPIStrictAcceptorCheck no The default is yes, using "no" will, according to the manpage "clients may authenticate against any service key stored in the machine's default store." I hope this helps others that have similar setups as I do. Thank you all for your input. br, Quinn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
