Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] heimdal (kerberos) with openssh
  • From: Mike Rose <mr349@xxxxxxxxx>
  • Date: Thu, 24 Mar 2005 10:53:49 +0000 (GMT)
  • Message-id: <Pine.LNX.4.58.0503241052350.23574@xxxxxxxxxxxxxxxxxxxxx>

Not sure this is what you need, but have you set:

usePAM YES

in /etc/ssh/sshd_config

undocumented config parameter - well done openssh!



Mike Rose
TCM & BSS Computer Officer
University of Cambridge
http://www.bio.phy.cam.ac.uk/
http://www.tcm.phy.cam.ac.uk/
http://www.phy.cam.ac.uk/research/bss/

On Wed, 23 Mar 2005, paul kaiser wrote:

> i am using suse professional 9.1.
>
> i have installed heimdal (kerberos) from the distribution cdroms on a realm
> server. i have installed openssh from the distribution cdroms on all hosts.
> all the hosts are kerberos clients
>
> authentication and ticket granting appear to be working fine on all hosts.
> if i am reading the suse manual correctly, i should be able to slogin between
> hosts without being asked for a password.
>
> this is actually working from any host to the kerberos server!
> however, slogin from the server to any other host
> and slogin between any two (non-server) hosts prompts for a password.
>
> i have recompiled openssh
> --with-pam --with-kerberos5=/usr/lib/heimdal
> but to no avail. the same prompting for password occurs.
>
> any suggestions would be appreciated!
>
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Sports - Sign up for Fantasy Baseball.
> http://baseball.fantasysports.yahoo.com/
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>

< Previous Next >
References