[Samba] Samba4 and GSSAPI based authentication for OpenSSH
L.P.H. van Belle
belle at bazuin.nl
Thu Nov 21 01:27:49 MST 2013
look here, it might help you.
http://us.generation-nt.com/answer/re-samba-how-do-i-get-an-ssh-client-authenticate-samba4-kerberos-gssapi-solved-help-208138311.html
>-----Oorspronkelijk bericht-----
>Van: arthur_ramsey at mediture.com
>[mailto:samba-bounces at lists.samba.org] Namens Arthur Ramsey
>Verzonden: woensdag 20 november 2013 23:53
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Samba4 and GSSAPI based authentication for OpenSSH
>
>I seem to be having the same issue as
>https://lists.samba.org/archive/samba/2012-December/170426.html. I
>don't see that he ever reached a solution.
>
>Nov 20 16:02:58 appdb01-qa sshd[31622]: debug1: Unspecified GSS
>failure. Minor code may provide more information\nNo key table entry
>found matching host/appdb01-qa.mediture.dom@\n
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: userauth-request for
>user arthurr service ssh-connection method gssapi-with-mic
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: attempt 2 failures 0
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: userauth-request for
>user arthurr service ssh-connection method gssapi-with-mic
>Nov 20 16:02:58 appdb01-qa sshd[31623]: debug1: attempt 3 failures 0
>Nov 20 16:02:59 appdb01-qa sshd[31623]: debug1: userauth-request for
>user arthurr service ssh-connection method gssapi-with-mic
>
>[arthurr at appdb01-qa]~% klist
>Ticket cache: FILE:/tmp/krb5cc_16777216
>Default principal: arthurr at MEDITURE.DOM
>
>Valid starting Expires Service principal
>11/20/13 15:59:55 11/21/13 01:59:55 krbtgt/MEDITURE.DOM at MEDITURE.DOM
> renew until 11/27/13 15:59:55
>11/20/13 15:59:55 11/21/13 01:59:55 APPDB01-QA$@MEDITURE.DOM
> renew until 11/27/13 15:59:55
>
>Samba client: 3.6.9
>Samba4 PDC: 4.1.1
>
>This was my starting place:
>https://wiki.samba.org/index.php/Authenticating_other_services_
>against_AD.
>I also have searched google extensively.
>
>Any help would be appreciated.
>
>--
>Arthur Ramsey
>Systems Administrator
>Mediture
>arthur_ramsey at mediture.com
>952.400.0323
>
>This e-mail and any attachments may contain CONFIDENTIAL
>information, including PROTECTED HEALTH INFORMATION. If you
>are not the intended recipient, any use or disclosure of this
>information is STRICTLY PROHIBITED; you are requested to
>delete this e-mail and any attachments, notify the sender
>immediately, and notify the Mediture Privacy Officer at
>privacyofficer at mediture.com.
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list