First of all, because it makes me angry: WHERE IS A WAY IN LAUNCHPAD TO ACCESS BUGS REPORTED BY ME WITHOUT KNOWING THE BUG ID??????????????????????? Seems missing, was there. I'd really like to have it back! Launchpad is nonsense if I can't access bug reports without knowledge of the URL.
OK. Maybe someone notices it this way! I've changed setup slightly to make it more convenient with DNS: 192.168.1.24 kvm-test 192.168.1.25 auth 192.168.1.26 UB0001 all names are resolved: ! UB0001:~% host kvm-test ! kvm-test.local has address 192.168.1.24 ! UB0001:~% host ub0001 ! ub0001.local has address 192.168.1.26 ! UB0001:~% host auth ! auth.local has address 192.168.1.25 Principals are created: ! host/ub0001.lo...@xompu.de ! host/auth.lo...@xompu.de ! host/kvm-test.lo...@xompu.de Keytab is updated. I've used ! ank -randkey host/kvm-test ! ktadd -k /tmp/krb5.keytab -norandkey host/kvm-test The generated file /tmp/krb5.keytab was copied to the machine in question. All fine so far. Logging in to kvm-test succeeds with the krb5-password: ! Linux kvm-test 2.6.35-22-server #35-Ubuntu SMP ! Sat Oct 16 22:02:33 UTC 2010 x86_64 GNU/Linux Ubuntu 10.10 ! ! Welcome to the Ubuntu Server! ! * Documentation: http://www.ubuntu.com/server/doc ! Last login: Wed Nov 17 12:38:53 2010 from ub0001.local ! t...@kvm-test:~$ klist ! Ticket cache: FILE:/tmp/krb5cc_2023_AM9554 ! Default principal: t...@local ! ! Valid starting Expires Service principal ! 11/17/10 12:46:29 11/17/10 22:46:29 krbtgt/lo...@local ! renew until 11/18/10 12:46:19 Now since I've got a ticket I might login to auth or ub0001 without authehticating again: ! t...@kvm-test:~$ ssh ub0001 ! t...@ub0001's password: No? Didn't I received a tgt from the krb5-server? ! t...@kvm-test:~$ klist ! Ticket cache: FILE:/tmp/krb5cc_2023_AM9554 ! Default principal: t...@local ! ! Valid starting Expires Service principal ! 11/17/10 12:46:29 11/17/10 22:46:29 krbtgt/lo...@local ! renew until 11/18/10 12:46:19 I did. Not working? OK. Trying rsh. ! UB0001:~% rsh -x kvm-test ! UB0001:~% Fails without notice. Looks like something realy going wrong. Trying the auth-server all alone: ! UB0001:~% ssh auth ! t...@auth's password: ! Linux auth 2.6.32-25-server #45-Ubuntu SMP ! Sat Oct 16 20:06:58 UTC 2010 x86_64 GNU/Linux Ubuntu 10.04.1 LTS ! ! Welcome to the Ubuntu Server! ! * Documentation: http://www.ubuntu.com/server/doc ! ! Last login: Wed Nov 17 12:41:30 2010 from ub0001.xompu.de ! t...@auth:~$ klist ! Ticket cache: FILE:/tmp/krb5cc_1000_mB3672 ! Default principal: t...@local ! ! Valid starting Expires Service principal ! 11/17/10 12:56:52 11/17/10 22:56:52 krbtgt/lo...@local ! renew until 11/18/10 12:56:52 Looks OK. Now from self to self: ! t...@auth:~$ ssh auth ! t...@auth's password: The same for rsh, telnet, ... all want, if not failing silently, the password for the user. -- ssh does not authenticate against kerberos https://bugs.launchpad.net/bugs/675448 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs