[OpenAFS] Stacking pam_securid with pam_afs for SSH?
Sun, 8 Jun 2008 13:29:25 -0400
On Sun, Jun 8, 2008 at 12:32 PM, Jeff Blaine <firstname.lastname@example.org> wrote:
>>> Has anyone ever successfully stacked pam_afs after pam_securid (from RSA
>>> Inc) for OpenSSH connections?
>>> I can never get a token, even with privelege separation off.
>> Does pam_securid get you a Kerberos ticket?
> No, it doesn't. This is a kaserver setup still. pam_afs.so is
> solely responsible for getting tokens on its own in this setup.
so you can't let pam_securid be sufficient; pam_afs must be allowed to
run and must not be use_first_pass