[csw-maintainers] Fwd: Kerberos support for SSHD on Solaris 10
Philip Brown
phil at bolthole.com
Wed Jun 8 22:32:55 CEST 2011
A note for the current, or any future, kerb maintainers.
This is a forward, from a local user group list that I'm on.
The user expected it to look in the solaris-documented location for
krb5.conf(4)
/etc/krb5/xxxxx
It would appear to check
/etc/krb5.conf:/opt/csw/etc/krb5.conf
however, it should probably look in
/etc/opt/csw/krb5.conf:/etc/krb5/krb5.conf:/etc/krb5.conf:/opt/csw/etc/krb5.conf
(check all local locations, in that order, and then as a last-ditch
effort, check for a "global" one)
---------- Forwarded message ----------
From: Chris McDermott
Date: Wed, Jun 8, 2011 at 1:01 PM
Subject: Re: Kerberos support for SSHD on Solaris 10
Just to close the loop on this, I was able to use truss to figure out that
the csw openssh daemon was looking for the krb5.conf and krb5.keytab files
in a different location, and thus authentication was failing. I created
symlinks:
/etc/krb5.conf -> /etc/krb5/krb5.conf
/etc/krb5.keytab -> /etc/krb5/krb5.keytab
And everything works great now.
Thanks everyone!
Chris
More information about the maintainers
mailing list