[14600] in Kerberos
Re: canonical kerberos pam module for solaris 2.7 ?
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Wed Jun 27 10:30:12 2001
Date: Wed, 27 Jun 2001 10:22:30 -0400
From: Nicolas Williams <Nicolas.Williams@ubsw.com>
To: Martin Schulz <schulz@iwrmm.math.uni-karlsruhe.de>
Cc: kerberos@MIT.EDU
Message-ID: <20010627102226.C9416@sm2p1386swk.wdr.com>
Mail-Followup-To: Martin Schulz <schulz@iwrmm.math.uni-karlsruhe.de>,
kerberos@MIT.EDU
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <m3wv5ygl8l.fsf@iwr15.mathematik.uni-karlsruhe.de>; from schulz@iwrmm.math.uni-karlsruhe.de on Wed, Jun 27, 2001 at 02:28:42PM +0200
On Wed, Jun 27, 2001 at 02:28:42PM +0200, Martin Schulz wrote:
> Nicolas Williams <Nicolas.Williams@ubsw.com> writes:
>
> > PAM_KRB5 is one very re-invented wheel!
>
> Yes it seems so. Thats why I asked for the "canonical way".
>
> I now have chosen to use the same module I already use on my linux
> boxes, the pam_krb5afs. It was not so easy to get it compiling and
> work (installing flex, lots of library issues, libkrbafs.so and so
> on.)
Is this the RedHat module?
There's been some discussion (on the Linux-PAM list) about the need for
a module that can support AFS with krb5. I think the most desirable
approach would be to have a pam_afs which uses a [temporary] ccache
created by pam_krb5 to do its thing.
> I had struggled for several hours yesterday and today, because I had
> not changed the "required" into a sufficient for the
> pam_unix-module. Bizarre enough, this had consequences for the console
> login but not for the 'su' when using a ssh connection.
Well, it's hard to say anything about this without seeing the pam.conf.
> Yours,
> --
> Martin Schulz schulz@iwrmm.math.uni-karlsruhe.de
> Uni Karlsruhe, Institut f. wissenschaftliches Rechnen u. math. Modellbildung
> Engesser Str. 6, 76128 Karlsruhe
Nico
--
.
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. The sender therefore
does not accept liability for any errors or omissions in the contents
of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be
construed as a solicitation or offer to buy or sell any securities or
related financial instruments.
