[OpenAFS] forwarding credentials with OpenSSH, Kerberos and pam-afs-session
Thu, 06 Sep 2007 10:48:06 -0700
Ken Aaker <email@example.com> writes:
> It's really close, it's working from "ralph" to "mars", but not from
> "mars" to "ralph".
> I get 3 "debug2: we sent a gssapi-with-mic packet, wait for reply"
> messages, then it fails over to password. The keytab files are identical
> on the machines, and GSSAPIAuthentication is turned on in sshd_config on
> both. Still something to do with the keytab on "ralph"?
Make sure you have a .k5login file in your home directory on both systems
that lists your Kerberos principal.
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>