[OpenAFS] pam_krb5afs and openssh-4.0p1
Alexander Bergolth
leo@strike.wu-wien.ac.at
Wed, 21 Sep 2005 09:54:28 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/21/2005 12:43 AM, lamont@scriptkiddie.org wrote:
> I'm trying to get TGT passing with the gssapi-with-mic auth method of
> openssh to work with pam_krb5afs to get a token.
>
> 1. Does this even work in principle, or does the pam_sm_open_session in
> pam_krb5afs rely on a stash created in the auth method of pam_krb5afs?
> I had hoped that the session part of pam_krb5afs would check for
> KRB5CCNAME (either via getenv() or pam_getenv()) and would use that if
> it was set, but now I'm not so sure, but still uncertain at this point
> of the way the code behaves.
The CVS version of Redhat's pam_krb5 (= pam_krb5afs) module works fine.
See
https://lists.openafs.org/pipermail/openafs-info/2005-September/019374.html
... and the corresponding thread.
- --leo
- --
- -----------------------------------------------------------------------
Alexander.Bergolth@wu-wien.ac.at Fax: +43-1-31336-906050
Zentrum fuer Informatikdienste - Wirtschaftsuniversitaet Wien - Austria
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFDMRG0sYaksEkoAQMRAjpCAJ9eJHSsVg/2dXiuOUeI3HLfiP8D0gCbBK3s
idPPVVCTnTY48rFFx6wADL8=
=8STH
-----END PGP SIGNATURE-----