[OpenAFS-devel] pam_krb5afs RHEL3 / FC1
etoile
etoile@web1.ch
Sun, 01 May 2005 15:37:30 +0200
Hi,
since 2 months i am trying to bring pam_krb5afs on rhel3/fc1 to work. (
the other part of the environment, heimdal and ADS are working fine and
their clients are obtaining tokens as expected)
This is my error message :
May 1 15:15:28 bully sshd[21664]: pam_krb5[21664]: obtaining tokens for
'bla.net'
May 1 15:15:28 bully sshd[21664]: pam_krb5[21664]: got error 57
(Invalid slot) while obtaining tokens for bla.net
May 1 15:15:28 bully sshd[21664]: pam_krb5[21664]: obtaining tokens for
'bla.net'
May 1 15:15:28 bully sshd[21664]: pam_krb5[21664]: got error 57
(Invalid slot) while obtaining tokens for bla.net
May 1 15:15:28 bully sshd[21664]: pam_krb5[21664]: pam_open_session
returning 0 (Success)
The Reason for the invalid slot is, that pam_krb5afs is trying to get a
krb4 ticket. That's stupid as i have no krb4 environment. (and yes, the
krb5.conf is correct and krb4 stuff is disabled)
My problem is, that i need a working pam solution, as the "ssh" solution
(login via krb5 and execute afslog/aklog in /etc/ssh/sshrc) is not
really useful with for example vsftpd ...
Anyway.
My Question is - has anybody brought the pam_krb5afs stuff to work on
RHEL3 / FC1 / RHEL4 in a pure krb5 environment with openafs 1.2.13
and/or 1.3.82 ?
If yes - i am really interested how ... 8-}
If no - it's good to know, than i can stop wasting my time and think
about a better solution. (i.e. build the heimdal stuff for rhel3/rhel4)
thanggs ..
core