[Samba] Samba4 SSH SSSD-AD Problem
Sketch
smblist at rednsx.org
Thu Feb 26 10:23:31 MST 2015
On Thu, 26 Feb 2015, Andreas Hauffe wrote:
> If I logon a linux client everything works fine. When entering klist I'm able
> to see my ticket. When I try to connect/logon to another linux client with ssh
> it is possible, but klist shows:
> klist: Credentials cache file '/run/user/$UID$/krb5cc/tkt' not found.
>
> So the ticket cache is not created during logon.
You need to add the following to your ssh client config (either
/etc/ssh/ssh_config or ~/.ssh/config):
Host *
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
You can replace the * with your domain, but then you'll have to log into
hosts using the full DNS name (as Rowland mentioned, DNS matters, though
UseDNS in sshd doesn't seem to have any effect for me in this case.)
More information about the samba
mailing list