[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Problem with OpenSSH

To: heimdal-discuss@sics.se
Subject: Problem with OpenSSH
From: Antoine MILLET <antoine.millet@staff.epita.fr>
Date: Wed, 01 Aug 2007 18:10:06 +0200
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
Reply-To: heimdal-discuss@sics.se, Antoine MILLET <antoine.millet@staff.epita.fr>
User-Agent: Thunderbird 2.0.0.5 (Windows/20070716)

Actually I'm using FreeBSD 5.5 under 1000 computers (EPITA / EPITECH, 
French Computer School).

Before July we ran NetBSD / NFS and now we've moved to FreeBSD / AFS.

I've a problem with OpenSSH / Heimdal / Arla

- GDM run perfectily with my krb5.conf, and I get kerberos ticket and 
afs tokens (I had an "afslog" in GDM's Xsession script).
- KINIT work perfectly with my krb5.conf, and I get kerberos ticket and 
afs tokens without any problem by running `kinit USERNAME`
*but*
OpenSSH don't log users without a keytab containing the host 
principal... Without this keytab I can log on the host.
I configure OpenSSH 4.6 with : ./configure --prefix=/usr 
--sysconfdir=/etc/ssh --with-ssl-engine --with-pam 
--with-kerberos5=/usr/local/heimdal
I configure Heimdal 0.8 with : ./configure --prefix=/usr/local/heimdal 
--sysconfdir=/etc/heimdal --without-ipv6 --with-x
I configure Arla 0.43 with : ./configure --prefix=/usr/local/arla 
--sysconfdir=/etc/arla --with-x --with-sys=/usr/src/sys 
--with-krb5=/usr/local/heimdal 
--with-krb5-include=/usr/local/heimdal/include 
--with-krb5-lib=/usr/local/heimdal/lib

I can't find a good solution... Normally Kerberos is one login and after 
use ticket, but acutally I ned one keytab and mutiple login...

Does anybody have an idee about that ?

Thanks in advance.

--
Cordialement.

Follow-Ups:
- Re: Problem with OpenSSH
  - From: Antoine MILLET <antoine.millet@staff.epita.fr>
- Re: Problem with OpenSSH
  - From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>

Prev by Date: Re: Python bindings
Next by Date: Re: Problem with OpenSSH
Prev by thread: Re: Problems with iprop
Next by thread: Re: Problem with OpenSSH
Index(es):
- Date
- Thread