From owner-freebsd-security Mon Feb 11 18:24: 4 2002 Delivered-To: freebsd-security@freebsd.org Received: from newman2.bestweb.net (newman2.bestweb.net [209.94.102.67]) by hub.freebsd.org (Postfix) with ESMTP id DA3C037B4C0 for ; Mon, 11 Feb 2002 18:17:50 -0800 (PST) Received: from okeeffe.bestweb.net (okeefe.bestweb.net [209.94.100.110]) by newman2.bestweb.net (Postfix) with ESMTP id 36C59231BF for ; Mon, 11 Feb 2002 21:17:14 -0500 (EST) Received: by okeeffe.bestweb.net (Postfix, from userid 0) id 889B79F300; Mon, 11 Feb 2002 21:12:11 -0500 (EST) Date: Thu, 7 Feb 2002 04:45:56 +0200 (SAST) From: Gareth Hopkins To: freebsd-security@freebsd.org Subject: Problem with openssh and kerberos Message-Id: <20020212021211.889B79F300@okeeffe.bestweb.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi There, I am having a problem with the following. sshd is not recognising the KerberosOrLocalPasswd option in the sshd_config file. This is causing a problem with users logging into the machine with their kerberos password (without having kinited). Feb 7 04:39:10 sshd[22691]: error: /etc/ssh/sshd_config: line 58: Bad configuration option: KerberosOrLocalPasswd Feb 7 04:39:10 sshd[22691]: fatal: /etc/ssh/sshd_config: terminating, 1 bad configuration options I am using OpenSSH_2.9 FreeBSD localisations 20011202, SSH protocols 1.5/2.0, OpenSSL 0x0090601f which came with the base system of a 4.5-RC install. The following was included in my make.conf when I did a make world. KRB5_HOME= /usr/local MAKE_KERBEROS5= yes Anything else that I missed? --- Gareth Hopkins Server Operations UUNET SA, a WorldCom Company (o) +27.21.658.8700 (f) +27.21.658.8552 (m) +27.82.389.5389 http://www.uunet.co.za 08600 UUNET (08600 88638) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message