[Samba] Samba4 and GSSAPI based authentication for OpenSSH

[Arthur Ramsey]

I seem to be having the same issue as 
https://lists.samba.org/archive/samba/2012-December/170426.html.  I 
don't see that he ever reached a solution.

Nov 20 16:02:58 appdb01-qa sshd[31622]: debug1: Unspecified GSS 
failure.  Minor code may provide more information\nNo key table entry 
found matching host/appdb01-qa.mediture.dom@\n
Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: userauth-request for 
user arthurr service ssh-connection method gssapi-with-mic
Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: attempt 2 failures 0
Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: userauth-request for 
user arthurr service ssh-connection method gssapi-with-mic
Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: attempt 3 failures 0
Nov 20 16:02:59 appdb01-qa sshd[31623]: debug1: userauth-request for 
user arthurr service ssh-connection method gssapi-with-mic

[arthurr at appdb01-qa]~% klist
Ticket cache: FILE:/tmp/krb5cc_16777216
Default principal: arthurr at MEDITURE.DOM

Valid starting     Expires            Service principal
11/20/13 15:59:55  11/21/13 01:59:55 krbtgt/MEDITURE.DOM at MEDITURE.DOM
     renew until 11/27/13 15:59:55
11/20/13 15:59:55  11/21/13 01:59:55  APPDB01-QA$@MEDITURE.DOM
     renew until 11/27/13 15:59:55

Samba client: 3.6.9
Samba4 PDC: 4.1.1

This was my starting place: 
https://wiki.samba.org/index.php/Authenticating_other_services_against_AD. 
I also have searched google extensively.

Any help would be appreciated.

-- 
Arthur Ramsey
Systems Administrator
Mediture
arthur_ramsey at mediture.com
952.400.0323

This e-mail and any attachments may contain CONFIDENTIAL information, including PROTECTED HEALTH INFORMATION. If you are not the intended recipient, any use or disclosure of this information is STRICTLY PROHIBITED; you are requested to delete this e-mail and any attachments, notify the sender immediately, and notify the Mediture Privacy Officer at privacyofficer at mediture.com.