[OpenAFS] Solaris 10, openssh, pam.conf and afs

Douglas E. Engert deengert@anl.gov
Tue, 20 Nov 2007 09:36:22 -0600

George Cebulka wrote:
> Hello All,
>    I am trying to get Openafs 1.4.5,  Openssh 4.7 to work with pam
> authentication  on a Sunfire 4200 running Solaris 10 x86 8/07. I am able
> to compile, install and run afs and ssh. However, I am unsure of what
> changes I need to make to /etc/pam.conf to allow a user to log into the
> machine via ssh and get an afs token without having to do a separate klog.
>    Can any of you Solaris 10 types provide some pam.conf examples?

First of all, is there some reason you are using the OpenSSH rather then
Solaris 10 ssh and sshd? (It works well on sparc, I assume it will on

The Sun ssh has kerberos, gssapi, and even gssapi-keyex. It can call
pam, and can call pam_afs_session to get pag and tokens.   (We are
using pam_afs2.)

Google for pam_afs_session.

> Thanks in advance,
> George Cebulka
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info


  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444