Kerberos 5

Damian Sobieralski dsobiera at yahoo.com
Wed May 4 14:34:18 PDT 2005


  I have a fairly weird question for the group.  I recently set up a
FreeBSD 5.3 box to use pam_krb5 for sshd authentication. It worked
great.  I created a local workstation user via adduser and when it came
time for the password based question, I selected no.  So when I logged
in, I typed "klist" and got some verbiage back about my ticket in /tmp.

 I rebuilt the box and although I can log into the box, when I type
klist now I get:

klist: No ticket file: /tmp/krb5cc_0

Or some variation of the ticket file name.  It authenticates me okay
via Kerberos or I couldn't get logged in, but any idea why this might
happen?  

 BTW- I read online that storing tickets like this (in /tmp) is
potentially a security risk for a server so the thought was to change
it to home directory tickets like the website recommends. But I did the
same procedures on the install and I cannot even get to the point (step
1) where the ticket can be found in /tmp.  If it didn't let me log in
I'd say it just isn't working, but if I try to ssh in with any other
password besides the correct one it rejects me (like it should).  The
right password lets me in so it must be working....right?

  Any ideas?



More information about the freebsd-questions mailing list