[Samba] PKinit does not seem to be correctly setup - password requested and no pkinit(?)
Rowland Penny
rpenny at samba.org
Thu Aug 10 11:21:12 UTC 2023
On Mon, 7 Aug 2023 15:05:03 +0200
Olivier MARTIN via samba <samba at lists.samba.org> wrote:
> Actually, I realised after I forgot to add debug output from kinit.
>
>
> Here are the log for kinit: $ KRB5_TRACE=/dev/stdout kinit -V
> userresttest -X
> "X509_user_identity=FILE:/tmp/vm-test-server-pki/certs/userresttest.crt,/tmp/vm-test-server-pki/certs/private/userresttest.key"
> Using default cache: /tmp/krb5cc_1000
> Using principal: userresttest at SAMDOM.VM-TEST-SERVER
> [33961] 1691148868.491458: Error loading plugin module pkinit:
> 2/unable to load plugin
> [/usr/lib/x86_64-linux-gnu/krb5/plugins/preauth/pkinit.so]:
> /usr/lib/x86_64-linux-gnu/krb5/plugins/preauth/pkinit.so: cannot open
> shared object file: No such file or directory
>
I am not an expert here by any means, but doesn't the above mean that
pkinit isn't working, possibly because the required plugin isn't
installed ?
Try installing krb5-pkinit
Rowland
More information about the samba
mailing list