[Samba] Samba4 and GSSAPI based authentication for OpenSSH

L.P.H. van Belle belle at bazuin.nl
Thu Nov 21 01:27:49 MST 2013 

look here, it might help you.


http://us.generation-nt.com/answer/re-samba-how-do-i-get-an-ssh-client-authenticate-samba4-kerberos-gssapi-solved-help-208138311.html 
 

>-----Oorspronkelijk bericht-----
>Van: arthur_ramsey at mediture.com 
>[mailto:samba-bounces at lists.samba.org] Namens Arthur Ramsey
>Verzonden: woensdag 20 november 2013 23:53
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Samba4 and GSSAPI based authentication for OpenSSH
>
>I seem to be having the same issue as 
>https://lists.samba.org/archive/samba/2012-December/170426.html.  I 
>don't see that he ever reached a solution.
>
>Nov 20 16:02:58 appdb01-qa sshd[31622]: debug1: Unspecified GSS 
>failure.  Minor code may provide more information\nNo key table entry 
>found matching host/appdb01-qa.mediture.dom@\n
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: userauth-request for 
>user arthurr service ssh-connection method gssapi-with-mic
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: attempt 2 failures 0
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: userauth-request for 
>user arthurr service ssh-connection method gssapi-with-mic
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: attempt 3 failures 0
>Nov 20 16:02:59 appdb01-qa sshd[31623]: debug1: userauth-request for 
>user arthurr service ssh-connection method gssapi-with-mic
>
>[arthurr at appdb01-qa]~% klist
>Ticket cache: FILE:/tmp/krb5cc_16777216
>Default principal: arthurr at MEDITURE.DOM
>
>Valid starting     Expires            Service principal
>11/20/13 15:59:55  11/21/13 01:59:55 krbtgt/MEDITURE.DOM at MEDITURE.DOM
>     renew until 11/27/13 15:59:55
>11/20/13 15:59:55  11/21/13 01:59:55  APPDB01-QA$@MEDITURE.DOM
>     renew until 11/27/13 15:59:55
>
>Samba client: 3.6.9
>Samba4 PDC: 4.1.1
>
>This was my starting place: 
>https://wiki.samba.org/index.php/Authenticating_other_services_
>against_AD. 
>I also have searched google extensively.
>
>Any help would be appreciated.
>
>-- 
>Arthur Ramsey
>Systems Administrator
>Mediture
>arthur_ramsey at mediture.com
>952.400.0323
>
>This e-mail and any attachments may contain CONFIDENTIAL 
>information, including PROTECTED HEALTH INFORMATION. If you 
>are not the intended recipient, any use or disclosure of this 
>information is STRICTLY PROHIBITED; you are requested to 
>delete this e-mail and any attachments, notify the sender 
>immediately, and notify the Mediture Privacy Officer at 
>privacyofficer at mediture.com.
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list