[OpenAFS-devel] Need an idea on a pam-problem
Mathias Feiler
feiler@uni-hohenheim.de
Mon, 15 Jul 2013 16:02:48 +0200
Hello,
sorry for answer late - have been quite bussy.
On 11.07.2013 20:52, Russ Allbery wrote:
> Brandon Allbery <ballbery@sinenomine.net> writes:
>> On 7/11/13 11:07, "Mathias Feiler" <feiler@uni-hohenheim.de> wrote:
>>> Jul 11 16:07:42 linix3 sshd[2266]: pam_krb5(sshd:auth): (user feiler)
>>> credential verification failed: encryption key has bad length
>> This points to a problem with your keytab.
Yes, this one was a good hint. To test this I just removed the keytab
and yes, ssh works fine using
password authentication. So now I have a point to start from.
Thank You very much for Your kind help.
Sincerely
Mathias Feiler
>> One thing you might watch out for: your krb5.conf mentions Heimdal,
>> various heimdal versions have subtle incompatibilities with MIT
>> Kerberos. For example, if your pam_krb5 was linked against MIT
>> libraries, it may not be reading a Heimdal /etc/krb5.keytab properly.
> libpam-heimdal is my pam_krb5 built against Heimdal libraries rather than
> MIT libraries. (I've never seen that error, though.)
>
--
Mathias Feiler - Universitaet Hohenheim
Kommunikations-, Informations- und Medienzentrum (630)
IT-Dienste | Abt. IT-Infrastruktur (ITI)
Raum 04.24/227 Schloss Westhof-Sued | 70599 Stuttgart
Tel. + 49 711 459 23949 | Fax + 49 711 459 23449