[OpenAFS] Solaris 10, openssh, pam.conf and afs

[Douglas E. Engert]

George Cebulka wrote:
> Hello All,
>    I am trying to get Openafs 1.4.5,  Openssh 4.7 to work with pam
> authentication  on a Sunfire 4200 running Solaris 10 x86 8/07. I am able
> to compile, install and run afs and ssh. However, I am unsure of what
> changes I need to make to /etc/pam.conf to allow a user to log into the
> machine via ssh and get an afs token without having to do a separate klog.
>    Can any of you Solaris 10 types provide some pam.conf examples?

First of all, is there some reason you are using the OpenSSH rather then
Solaris 10 ssh and sshd? (It works well on sparc, I assume it will on
x86.)

The Sun ssh has kerberos, gssapi, and even gssapi-keyex. It can call
pam, and can call pam_afs_session to get pag and tokens.   (We are
using pam_afs2.)

Google for pam_afs_session.


> Thanks in advance,
> George Cebulka
> 
> 
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> 
> 

-- 

  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444