similar to: openssh-2.9p2 with PAM and Kerberos 5 on Solaris 8

-------------- next part -------------- An embedded message was scrubbed... From: Shigeki Misawa <misawa at bnl.gov> Subject: Re: Problem with keygen on Solaris 8 system. Date: Mon, 30 Apr 2001 23:59:00 -0400 (EDT) Size: 3533 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010501/a092310c/attachment.mht -------------- next part -------------- An embedded message was

Hi, I'm running Samba 2.0.4b on a Debian Linux (v2.2) PC. If I look at the "log.smb" file there are many messages: Attempt to locate null printername! Internal error? We have a number of print queues defined and they work fine. Here is a portion of the /etc/printcap: ================================================= # # Copyright (c) 1983 Regents of the University of California.

Hi all, Looks like I'm going to make the trip over to Astricon next month, but finances being what they are and since I'll be paying for my own flight from the UK, I'm trying to cut down on costs. The problem I've got is that the hotel is about 4 miles from the nearest public transportation (Brookhaven station) and the shuttle bus is only for hotel residents. Hiring a car seems

Hello, I was told that work had been done to use R with the CERN developed framework "ROOT" but can't find anything on your site. Please point me to whatever has been done. Sebastian White Sebastian White, Physics Deprtment Brookhaven National Laboratory Offiice: 631-344-5488 cell: 516-443-0039 email: swhite at bnl.gov Sebastian.White at cern.ch

I have set up LDAP/KRB5 access to my active directory network. If I do a getent passwd, I see the users with a unix UID/GID. If use kinit, I can get a token. If I su to a user, it creates a home folder, and shows correct IDs etc. However the machine will not log in via ssh or the GUI. In secure I see: Oct 27 11:14:55 rhelads sshd[4190]: pam_krb5[4190]: ccache dir: /tmp Oct 27 11:14:55 rhelads

Hello, Prequalify: I'm quite a novice w/ Kerberos, so my terminology and assumptions may be rough. Also, please CC me since I'm not a list subscriber. I'm running a fairly recent -STABLE [1] and have installed the base Heimdal Kerberos implementation via the MAKE_KERBEROS5 knob in /etc/make.conf. I'm having the problem that I don't see a cached credential file being created

To whomsoever it may concern, I have compiled openssh-2.9p2 in LynxOS and it works fine. But there is one problem. The ssh client program hangs on exit. I run the sshd server in LynxOS and connect from a ssh client in Linux system. This is the debug output that I get: < sshd running in LynxOS on i386 machine> # ./sshd -d debug1: Seeding random number generator debug1: sshd version

openssh-unix-dev at mindrot.org kerberos at ncsa.uiuc.edu We believe there is a security flaw in either OpenSSH and/or RedHat's pam_krb5 module. When a Kerberos principal has the REQUIRES_PWCHANGE (+needchange) flag set, OpenSSH+pam_krb5 will still successfully authenticate the user. Local 'su' and 'login' fail in this case which leads us to believe it's at least

First time poster so be kind :) I was looking at the pam_krb5.c code and noticed that for authentication to succeed getpwnam() has to succeed. Previously I had setup a web site using mod_auth_pam to authenticate against an active directory (AD) server using a pam config like: # auth auth required pam_krb5.so no_ccache no_warn # account account required

Hello there, I have winbind configured and working fine on a Solaris 8 machine pam is configured ok (I guess) as telnet/su'ing/smb access is working fine, OpenSSH 3.9 is configured with the following options: --prefix=/usr/local --sysconfdir=/etc/ssh --with-md5-passwords --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/ bin:/bin --with-ipv4-default

Gang, For those who asked about making a Solaris system a Kerberos client to Active Directory, the magic document to have is: http://www.connectathon.org/seam1.0/files/c0101.htm See the section "How to Configure a SEAM Client Using a Windows 2000 KDC". SEAM was Sun's Kerberos client stuff in Solaris 8; it is just there as part of Solaris 9 and 10. These instructions apply if

I've searched the mailing list archives and google and seen quite a bit of this with no solutions. Was hoping to reach out here and find someone who has this working. 1. Solaris 9 (sparc) 2. Samba 3.0.28 3. ADS enabled, trying to integrate with a Win2k AD setup wbinfo works great. I can pull all the groups/users just fine. I've read where we need to kill the nscd daemon, done and no

IT WORKS!!! I can telnet, ftp, rsh... to my Samba 3.0.1 box (Solaris 9 sparc) here is (at the end) my pam.conf (in case somebody is interested in) The trick is commenting "other accound... winbind..." string in pam.conf! My English is corrupted wnen i'm full #other account sufficient /usr/lib/security/pam_winbind.so.1 Thanks Andrew Barlett! and since now i just LOVE SAMBA

Hi, I have successfully setup a Solaris 8 server that allows Windows AD Users to login to it (through winbind). The problem is that ALL such users can now do so. Is there a way to control which users are allowed to login while others are denied access? I have tried adding valid users = user and deny to specific users via invalid users = user It's not working. One more

Hello, May you answer me about my issue with kerberos ? About libpam-krb5 installed, I have on my system : yum list krb5-workstation pam_krb5 krb5-workstation.x86_64 1.15.1-37.el7_6 @updates pam_krb5.x86_64 2.4.8-6.el7 @base Is pam_krb5 equivalent to libpam-krb5 on centos 7 ? Thanks -------- Message transf?r? -------- Sujet?: Re: [Samba] Kerberos and NTLMv2 authentication Date?: Sat, 15 Jun

Hi I'm trying to get winbindd work with authentication for other services. Winbindd works fine in samba. I get these errors using rlogin from another server to sun10. Oct 31 08:26:11 sun10 pam_winbind[26694]: request failed, PAM error was 4, NT error was NT_STATUS_INVALID_PARAMETER Oct 31 08:26:11 sun10 pam_winbind[26694]: internal module error (retval = 4, user = `tommyf' Supported

Hi all, I am just after some opinions about the pros and cons of winbind compared to the 'standard' kerberos and ldap methods. I've have already got single sign on working with pam_krb5 and nss_ldap (using SASL/GSSAPI) against SBS 2003 (with MSSFU 3.0) using Debian Sarge as clients/'member servers', and integration of Samba is the next bit I'm looking at. The impressions

Hi, Just writing here my note about auth_default_realm, pam_krb5 and gssapi. It seems that 'pam' passdb and 'gssapi' auth_mechanism doesn't honor 'auth_default_realm' setting, at least in several setups I deal with. Here is a part of the config: passdb { args = max_requests=100 cache_key=%u%r dovecot driver = pam } auth_default_realm = REALM.COM

I'm wondering if anyone has tried use local Solaris NSS files for root-only login VIA the console or ssh - effectively bypassing domain security to the PDC using ADS - Windows 2003 AD? I am not having a problem logging as the non-admin user. I wish to login to the root account that would not be part of the ADS domain security eventually over an ssh connection or directly to /dev/console via a

I?ve stumbled across a rather obscure problem with ssh. My machine is setup to use Kerberos authentication, i.e., I use the pam_krb5 module in the ssh auth section of the PAM configuration file and I have sshd compiled to accept valid Kerberos 5 tickets as well. I also use OpenAFS, so I?ve got the pam_openafs_session module in the ssh session section of the PAM configuration file. Everything