Date: Thu, 22 Feb 2024 02:00:43 +0000 From: Lexi Winter <lexi@le-fay.org> To: Michael Voorhis <mvoorhis@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: openPAM and Kerberos in FreeBSD13 Message-ID: <ZdaqyxYigptH6212@ilythia.eden.le-fay.org> In-Reply-To: <d35982f9-8c3e-43f8-be8d-ef3f2243489d@gmail.com> References: <d35982f9-8c3e-43f8-be8d-ef3f2243489d@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--zpn5e79xyN6nAuTe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Michael Voorhis: > I'm trying to get SSH and Kerberos working on my FreeBSD13 machine. I > can authenticate to the KDC using kinit, no problem, but no amount of > playing will allow me to login to a machine using SSHD and PAM. >=20 > Have played with /etc/pam.d/system and /etc/pam.d/sshd endlessly. you shouldn't need to edit anything in /etc/pam.d to make Kerberos authentication via SSH work. that *is* required to have a Kerberos ticket obtained for the user on login, but that's something you would usually have for console logins, not SSH logins. have you enabled GSSAPI authentication in sshd? in /etc/ssh/sshd_config: GSSAPIAuthentication yes --zpn5e79xyN6nAuTe Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCAAdFiEEuwt6MaPcv/+Mo+ftDHqbqZ41x5kFAmXWqsgACgkQDHqbqZ41 x5nDpgv/bhk+XAd/XtZBSjJ/jnQdNq+DTU52MRLlQWn+Uv240pkka+JRbukTnbGP 7y1hpWUYHFZjvl2K9jgO8swz2kD9Ioa9hlNSPKIGM3wvGWxhYjddZCMTmNKf+W5q DdMagO5P2N0KnRbooI9nCIxXZ3NqwAbUWyook44Wfvdb/u29Yj/1xvgxrhmV/vxs y2xTXjIWw6fzCuv5BGhwnFrFhJnCUn2ept55avBBGpguA65MutpMPNbweaI2Q0pp McH/3Fa75IVCiV3oM0pDciIyfkIkEAVPcRufLKVNBPgNiRRa+1GnW9O/s8W86nxh CXrBJxnyU14s5zwMgeGt2ydB5UiwvHEx66G7317T8wJdg6HslPtTLHiFDpIzNd+5 oaM1tOPp+QuUiyZDdaalB+VYxv2q0KsgashfVG4SMiriLKA6gjehgQjwd3jgK5Xn 7RcsCTCPZ0mHpBnRX2WD1MrjBrj4MjVGyIoRm1i9/NNVniGsQ9gGyc/sXaZiFsjC gbP4VhI1 =ASUe -----END PGP SIGNATURE----- --zpn5e79xyN6nAuTe--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZdaqyxYigptH6212>