Kerberos 5
Tillman Hodgson
tillman at seekingfire.com
Thu May 5 10:31:16 PDT 2005
On Thu, May 05, 2005 at 10:11:30AM -0700, Damian Sobieralski wrote:
> Followup up:
>
> If AFTER I log in, I issue > kinit and type my password in. Now when I
> do a klist I get ticket information. Shouldn't the pam module do this
> aotomatically (call kinit)?
PAM does not map well to Kerberos, unfortunately. Generally speaking you
want to avoid PAM with Kerberos if you can possibly use native Kerberos
:-)
I haven't used pam_krb5 in a long time, but perhaps I can help debug
things. Can you post your PAM configure for however it is that you're
logging in? (SSH, local console, kerberos telnet, etc). The ccache=
option to the PAM module looks applicable, for example.
-T
--
Do not meddle in the affairs of sysadmins, for they can make your life
miserable by doing nothing.
More information about the freebsd-questions
mailing list