[OpenAFS-devel] Need an idea on a pam-problem
Russ Allbery
rra@stanford.edu
Thu, 11 Jul 2013 11:52:07 -0700
Brandon Allbery <ballbery@sinenomine.net> writes:
> On 7/11/13 11:07, "Mathias Feiler" <feiler@uni-hohenheim.de> wrote:
>> Jul 11 16:07:42 linix3 sshd[2266]: pam_krb5(sshd:auth): (user feiler)
>> credential verification failed: encryption key has bad length
> This points to a problem with your keytab.
> One thing you might watch out for: your krb5.conf mentions Heimdal,
> various heimdal versions have subtle incompatibilities with MIT
> Kerberos. For example, if your pam_krb5 was linked against MIT
> libraries, it may not be reading a Heimdal /etc/krb5.keytab properly.
libpam-heimdal is my pam_krb5 built against Heimdal libraries rather than
MIT libraries. (I've never seen that error, though.)
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>