[39049] in Kerberos
Re: Debugging why KRB5_KTNAME isn't working
daemon@ATHENA.MIT.EDU (Jochen Kellner)
Thu Jan 27 14:49:07 2022
From: Jochen Kellner <jochen@jochen.org>
To: Greg Hudson <ghudson@mit.edu>
Date: Thu, 27 Jan 2022 20:31:25 +0100
In-Reply-To: <786a0a7b-2d3c-f016-a32c-c8e8c21f7a6c@mit.edu> (Greg Hudson's
message of "Thu, 27 Jan 2022 13:41:38 -0500")
Message-ID: <83zgnh2cxe.fsf@jochen.org>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Greg Hudson <ghudson@mit.edu> writes:
> Of course, the program itself can provide configuration for the keytab
> file. I couldn't find any gss_ or krb5_ calls in the Postfix source
> code (looking at Viktor Dukhovni's git mirror), so I don't have any
> immediate insight as to whether that's currently possible or what would
> need to change.
I once configured postfix to uses sasl:
main.cf:83:smtpd_sasl_auth_enable = yes
And in /etc/postfix/sasl/smtpd.conf:
pwcheck_method: auxprop saslauthd
#pwcheck_method: saslauthd
mech_list: plain login gssapi
log_level: 0
keytab: /etc/smtp.keytab
That at least worked some time ago...
Jochen
--
This space is intentionally left blank.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos