[Samba] Samba4 SSH SSSD-AD Problem
Andreas Hauffe
andreas.hauffe at tu-dresden.de
Thu Feb 26 08:21:33 MST 2015
Hi,
I'm having a problem with ssh and sssd in a samba4 ad environment.
If I logon a linux client everything works fine. When entering klist I'm able
to see my ticket. When I try to connect/logon to another linux client with ssh
it is possible, but klist shows:
klist: Credentials cache file '/run/user/$UID$/krb5cc/tkt' not found.
So the ticket cache is not created during logon.
I'm using sssd with the following sssd.conf:
[sssd]
services = nss, pam
config_file_version = 2
domains = $DOMAINNAME$
[nss]
[pam]
[domain/$DOMAINNAME$]
id_provider = ad
access_provider = ad
ldap_id_mapping=false
krb5_keytab=/etc/krb5.keytab
And sshd with to following sshd_config:
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
GSSAPIStrictAcceptorCheck no
GSSAPIStoreCredentialsOnRekey yes
UsePAM yes
X11Forwarding yes
UseDNS no
Subsystem sftp /usr/lib/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
/etc/pam.d/sshd directs to the default pam.d configurations.
--
Viele Grüße
Andreas Hauffe
More information about the samba
mailing list