Forum Replies Created

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • September 8, 2009 at 8:19 pm in reply to: Snow Leopard SSH daemon and kerberos logins #377102
    yemi
    Participant

    Quick update on my 10.6 server experience:

    Although I am currently unable to perform Kerberos ssh logins using passwords (as documented in the pam_krb5 man page), I can login by passing a valid ticket using GSSAPIAuthentication.

    ——-
    Yemi

    September 3, 2009 at 10:29 pm in reply to: Snow Leopard SSH daemon and kerberos logins #377068
    yemi
    Participant

    [QUOTE][u]Quote by: Macleod[/u][p]Were you not able to do so in 10.5? I had AD Kerb ssh logins to my 10.5x server working…[/p][/QUOTE]

    I had kerberos ssh logins to 10.5.x servers working *but* the ssh daemon did not cache the forwarded Kerberos TGT. Basically, Kerberos ssh logins worked but there was no sign of the kerberos ticket in the remote server session. Typically, the KRB5CCNAME environment variable is set and you can view the ticket via ‘klist’.

    ——
    Yemi

    June 27, 2006 at 12:10 am in reply to: What local domain should I use in the future???? #366509
    yemi
    Participant

    OK,

    I think I have figured out that in order to futureproof, I should use the Open Directory dscl utility instead of the NetInfo-only tools (nicl,niload,nidump) so that I won’t have to completely re-write scripts when Apple pull the plug on NetInfo.

    —–
    Yemi

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
Copyright © 2025 AFP548. All Rights Reserved.