Questions tagged [gssapi]

47 questions
11
votes
3 answers

Putty Kerberos/GSSAPI authentication

I configured a few Linux servers to authenticate with Active Directory Kerberos using sssd on RHEL6. I also enabled GSSAPI authentication in hopes of passwordless logins. But I can't seem to get Putty (0.63) to authenticate without a…
xdfil
  • 481
  • 2
  • 6
  • 15
9
votes
3 answers

Add GSSAPI to OpenLdap in supportedSASLMechanisms

I'm looking how to add the GSSAPI support into my OpenLDAP ? Current setup MIT Kerberos V + OpenLDAP Kerberos bind to openldap Able to issue kerberos tickets to my users (with kinit exampluser) Able to ldapsearch -x uid=exampluser Openldap…
Tolsadus
  • 1,123
  • 11
  • 22
5
votes
1 answer

Can't get postgres and kerberos (gss) working together

I am trying to get postgres and kerberos, via GSSAPI, working together. Having trouble at this point. It does not help that I am really a newbie for both technologies. I have both postgres and kerberos working as expected separately, and am using…
Wanderer
  • 151
  • 1
  • 1
  • 5
4
votes
1 answer

Why is sshd engaging PAM still?

Background/Behavior is: if you ssh to box via and GSSAPI/Kerberos succeeds and you have a local user in /etc/passwd, you login fine per below PAM config. All Good there. But if you don't have a local user in /etc/passwd but you can get a…
jouell
  • 601
  • 1
  • 5
  • 20
4
votes
0 answers

Cannot enable GSS-TSIG updates from Active Directory in BIND 9.10

I’m with a problem trying to enable GSS-TSIG with BIND 9.10. Before I start describing what I’ve done, I would like to say that I’ve already done this in in another domain without any problems. So I think I’m missing something very specific. If…
Vinícius Ferrão
  • 5,400
  • 10
  • 52
  • 91
4
votes
2 answers

Is there a way to have tortisesvn use Windows 7 kerberos tickets to auth against an apache svn server?

I have putty able to use gssapi on my Windows 7 x64 clients against kerberos logins for SSH. I.e. it forwards the ticket you get when you log in to windows. I can't figure out how to get tortiseSVN to do the same. I can get it to prompt me for my…
jmp242
  • 668
  • 3
  • 13
3
votes
1 answer

gssproxy: apache httpd as nfs-client? centos7

When Apache httpd attempts to access a user directory automounted with sec=krb5p, and presumably other sec=krb options, gssproxy issues a failure message and the web server replies with 403 Forbidden. The debug option on gssproxy has not been…
84104
  • 12,698
  • 6
  • 43
  • 75
3
votes
1 answer

Wrong user mapping in kerberized NFSv4 automounted homedirs

Short problem description This question is about id mapping in NFSv4 going wrong. NFS server: a Synology DS, with DSM 5.2. Client: A regular FC22 machine, which automounts as /home one of the exported folders from above. Both machines are enrolled…
cornuz
  • 437
  • 1
  • 7
  • 17
3
votes
1 answer

problems creating a keytab file on win server

I am trying to create a keytab file. i see a warning WARNING: pType and account type do not match. This might cause problems. The command i use is ktpass -princ HTTP/bloodhound.domain.com@DOMAIN.COM -mapuser ldaplookup@domain.com -crypto…
3
votes
1 answer

SSH - slow authentication

This is more of a curiosity question then a problem at this point. I have resolved my problem which i'll post the solution that worked for me. problem I was getting rather slow authentication times when i attempted to log in from a windows 7 box…
au_stan
  • 347
  • 1
  • 10
3
votes
1 answer

Openldap/Sasl/GSSAPI on Debian: Key table entry not found

The goal: to make an OpenLDAP server to authenticate using Kerberos V via GSSAPI Setup: several virtual machines running on freshly installed/updated Debian Squeeze A master KDC server kdc.example.com A LDAP server, running…
badbishop
  • 898
  • 3
  • 11
  • 21
2
votes
1 answer

Intermittent Kerberos failures: GSSAPI authentication initialization failed

When using MIT Kerberos Ticket Manager with PuTTY 0.65 and WinSCP 5.9.3, I am sometimes unable to get a connnection to the server I am logging into. PuTTY will respond with either No supported authentication methods available (server sent: ) or No…
Chris Watts
  • 265
  • 1
  • 3
  • 11
2
votes
2 answers

Apache SSO through Kerberos using Machine Account

I'm attempting to get Apache on Ubuntu 12.04 to authenticate users via Kerberos SSO to a Windows 2008 Active Directory server. Here are a few things that make my situation different: I don't have administrative access to the Windows Server (nor…
watkipet
  • 242
  • 2
  • 3
  • 10
2
votes
3 answers

Wrong principal in request (SSH/ GSSAPI/Kerberos/Debian)

I've set up two VMs on an "internal" (in VirtualBox meaning) network, one being a DNS server (dns1.example.com) and the other - a KDC and Kerberos admin server (kdc.example.com). The default and the only realm is EXAMPLE.COM. Both machines use…
badbishop
  • 898
  • 3
  • 11
  • 21
2
votes
1 answer

OpenSSH + Kerberos SSO: No key table entry found for host/localhost.localdomain

SSO not working with OpenSSH - I have not been able to get GSSAPIAuthentication to work with Kerberos. Everytime I attempted to login, I kept getting prompted for the password. During the troubleshooting, I initiated a debug here: [foster@kvm0007…
Rilindo
  • 5,058
  • 5
  • 26
  • 46
1
2 3 4