[OpenAFS-port-darwin] obtaining AFS tokens for SSH logins
David Botsch
dwb7@ccmr.cornell.edu
Thu, 22 Apr 2004 21:25:49 -0400
Upon rereading your message, are you running kaserver (or fakeka)? Without
those, that pam module won't do you any good.
I woud suspect the several second delay is coming from a timeout failure on the
part of the afs pam module.
On Fri, Apr 23, 2004 at 11:44:37AM +1200, Keith Johnston wrote:
> Hi
> I am trying to get afs tokens for users who ssh into an OS X box
> running OS X10.3.3. I can obtain afs tokens and kerberos tickets
> logging into the box normally at login but not when I ssh into the same
> box.
> I found Bil Hays' web page http://www.ibiblio.org/macsupport/sshd/
> for using PAM and downloaded the 10.3 version of pam_afs.so.1 and
> followed the advice on that page, however although I can connect the
> connection time is several seconds longer than without the PAM and I do
> not get any afs tokens at login. I can obtain tokens with kinit and my
> password.
> I have had a bit of a play with sshd_config settings and achieved
> nothing useful having tried enabling various options. We are only using
> ssh2 and kerberos 5 here.
> Is there some trick I am missing, if so could someone enlighten me or
> point me to the right place to get the answers I need.
> Thanks in advance
> Keith
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Keith Johnston xtn: 87977
> Computer Support
> Computer Science Department Rm 395
>
> This email is brought to you by the letters OS X and the number 10
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> _______________________________________________
> port-darwin mailing list
> port-darwin@openafs.org
> https://lists.openafs.org/mailman/listinfo/port-darwin
--
********************************
David William Botsch
Consultant/Advisor II
CCMR Computing Facility
dwb7@ccmr.cornell.edu
********************************