[Samba] ssh kerberos auth not working after some weeks
David Feurle
david.feurle at sodgeit.de
Thu Jun 19 03:07:13 MDT 2014
We have several linux computers (with different distributions) in a
samba4 domain. All computers are domain members and the domain users can
login to the different machines via pam and winbind3/4.
A user that is authenticated on one machine automatically receives a
kerberos ticket and can login via ssh to another machine using this
kerberos ticket.
This setup works fine for some weeks until the ssh server logs this error
debug1: userauth-request for user feurleda service ssh-connection method
gssapi-with-mic [preauth]
debug1: attempt 1 failures 0 [preauth]
Postponed gssapi-with-mic for feurleda from 10.0.1.73 port 33142 ssh2
[preauth]
debug1: Unspecified GSS failure. Minor code may provide more information
Wrong principal in request
to make the ssh login via kerberos work again I need to issue the
following command
net ads keytab create -U Administrator
after issuing this it works again for some days/weeks.
How can I fix this problem what is it that I am missing?
Best regards,
David Feurle
--
sodge IT GmbH
Adlerstraße 5
72336 Balingen
Mail: david.feurle at sodgeit.de
Mobil: +49-176-64616031
URL: http://www.sodgeit.de
Telefon: +49-7433-95 59 28 4
Telefon: +49-7433-27 52 36
Fax: +49-7433-51 32
---
Sitz der Gesellschaft: Balingen
Registergericht: Amtsgericht Stuttgart HRB 740109
Geschäftsführer: Matthias Ehinger / David Feurle / Götz Martinek
More information about the samba
mailing list