Hello,
I've had this working before, but I can't seem to get it working
again. I'm trying to get ssh to authenticate between my hosts on my
local networks. The KDC is samba, and I can kinit on all my hosts, but
sshd on all my hosts has a weird problem: when I run sshd -d
everything looks normal until:

debug1: attempt 1 failures 0 [preauth]
debug1: Unspecified GSS failure. Minor code may provide more information
No key table entry found matching host/host.domain.local@

Note nothing after the @ sign. I thought this was a DNS resolution
issue but both hosts resolve forward and reverse. So I have no idea
why it wouldn't do @DOMAIN.LOCAL at the end.
For what it's worth, here's my krb5.conf:

[domain_realm]
.domain.local = DOMAIN.LOCAL
domain.local = DOMAIN.LOCAL

[libdefaults]
default_realm = DOMAIN.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
forwardable = true
proxiable = true

[realms]
DOMAIN.LOCAL = {
    kdc = kdc.domain.local:88
}

[v4 domain_realm]
.domain.local = DOMAIN.LOCAL
domain.local = DOMAIN.LOCAL

I am also not sure if this is a samba issue or an SSH issue, but I've
tried messing around with DNS, krb5.conf and SSH, and no matter what I
do the kerb domain never gets added. What am I missing?
Thanks
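
A keytab check for the principal named in the sshd debug output above, as an added example that is not part of the original post: it parses plain `klist -k` output (a constructed sample is embedded) and reports entries that match `host/host.domain.local@` exactly or differ only by letter case. Treating the empty realm after the @ as "realm not specified", and all function names, are assumptions of this example.

```python
import re

# Constructed sample of plain `klist -k` output (not taken from the post).
SAMPLE_KLIST = """\
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
   2 host/HOST.domain.local@DOMAIN.LOCAL
   2 HOST$@DOMAIN.LOCAL
   2 cifs/host.domain.local@DOMAIN.LOCAL
"""

def parse_keytab_listing(text):
    """Return the principals from `klist -k` lines of the form '<kvno> <principal>'."""
    entries = []
    for line in text.splitlines():
        m = re.match(r"\s*\d+\s+(\S+)\s*$", line)
        if m:
            entries.append(m.group(1))
    return entries

def split_principal(princ):
    """Split 'name@REALM' into (name, realm); the realm may be empty."""
    name, _, realm = princ.partition("@")
    return name, realm

def check_keytab(wanted, entries):
    """Classify keytab entries against the principal sshd reported as missing.

    Principal names are case-sensitive, so an entry that differs only in
    case is reported separately as a near miss. Assumption: an empty realm
    in `wanted` means the realm is not used to filter entries.
    """
    w_name, w_realm = split_principal(wanted)
    result = {"exact": [], "case_only": []}
    for entry in entries:
        name, realm = split_principal(entry)
        if w_realm and realm != w_realm:
            continue
        if name == w_name:
            result["exact"].append(entry)
        elif name.lower() == w_name.lower():
            result["case_only"].append(entry)
    return result

if __name__ == "__main__":
    # Principal string copied from the sshd -d output in the post.
    print(check_keytab("host/host.domain.local@", parse_keytab_listing(SAMPLE_KLIST)))
```

On a real host, feed it the output of `klist -k` for the keytab sshd reads instead of the constructed sample.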