Hi. I trying to setup ssh+pam_krb5 for authentication and establishment of credential cache on FreeBSD 6.3 against MIT kerberos. Everything is ok with authentication, but not with establishment of credential cache by pam_krb5.
I tried different combinations of modules in /etc/pam.d/sshd starting from default /usr/src/etc/pam.d/sshd with uncommented pam_krb5.so. Also tried to use "UsePrivilegeSeparation no" in /etc/ssh/sshd_config. In kdc log file I see during user login: Nov 24 15:22:34 kdchost krb5kdc[20876]: AS_REQ (2 etypes {1 16}) 10.34.22.15: ISSUE: authtime 1227536554, etypes {rep=1 tkt=16 ses=1}, [EMAIL PROTECTED] for krbtgt/[EMAIL PROTECTED] Nov 24 15:22:34 kdchost krb5kdc[20876]: TGS_REQ (2 etypes {1 16}) 10.34.22.15: ISSUE: authtime 1227536554, etypes {rep=1 tkt=16 ses=1}, [EMAIL PROTECTED] for host/[EMAIL PROTECTED] After user login there are no ccache files in usual location /tmp/krb5cc_uid and KRB5CCNAME is not set. But user can establish ccache manually using /usr/bin/kinit. Search on freebsd lists gave threads with discussion of above problem dated up to 2003 without any suggestion how to resolve it. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"