[Samba] Cannot log into Samba4 AD/DC with ssh as domain user
Mark Foley
mfoley at ohprs.org
Sat Dec 1 11:26:42 UTC 2018
>From either a Linux or Mac domain member, I have tried logging into the Samba4 AD server as a
domain user:
labmac:~ mark$ ssh mark at mail pwd
mark at mail's password:
Permission denied, please try again.
where 'mail' is the AD/DC.
It also fails if I am on the AD/DC an try the same ssh.
I've tried setting either the GSSAPIAuthentication or KerberosAuthentication in
/etc/ssh/sshd_config, but those don't help. I get:
Dec 1 06:09:19 mail sshd[8645]: rexec line 89: Unsupported option GSSAPIAuthentication
Dec 1 06:09:19 mail sshd[8645]: reprocess config line 89: Unsupported option GSSAPIAuthentication
Dec 1 06:09:22 mail sshd[8645]: Failed password for mark from 192.168.0.61 port 55802 ssh2
Dec 1 06:09:24 mail sshd[8645]: Connection closed by 192.168.0.61 port 55802 [preauth]
Dec 1 06:16:54 mail sshd[21898]: rexec line 83: Unsupported option KerberosAuthentication
Dec 1 06:16:54 mail sshd[21898]: reprocess config line 83: Unsupported option KerberosAuthentication
Dec 1 06:16:57 mail sshd[21898]: Failed password for mark from 192.168.0.61 port 55809 ssh2
Dec 1 06:17:00 mail sshd[21898]: Connection closed by 192.168.0.61 port 55809 [preauth]
The AD/DC host is Slackware and does not have PAM.
Note that I can log in from the AD to the Linux domain member as a domain user.
Is there a way to get domain users to ssh into the the AD? They do have home directories on
this server?
THX --Mark
More information about the samba
mailing list