[Bug 268186] Kerberos authentication fails with a Linux/FreeIPA KDC

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 268186] Kerberos authentication fails with a Linux/FreeIPA KDC"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 06 Dec 2022 19:30:31 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268186

--- Comment #4 from Cy Schubert <cy@FreeBSD.org> ---
You can circumvent Heimdal with MIT by pkg install pam_krbt krb5.

Then replace the pam_krb5 lines in /etc/pam.d/sshd with the following:

auth            sufficient      /usr/local/lib/security/pam_krb5.so            
try_first_pass
account         sufficient      /usr/local/lib/security/pam_krb5.so
password        sufficient      /usr/local/lib/security/pam_krb5.so

sshd will use MIT instead of the built-in Heimdal.

-- 
You are receiving this mail because:
You are the assignee for the bug.