Questions tagged [gssapi]
47 questions
11
votes
3 answers
Putty Kerberos/GSSAPI authentication
I configured a few Linux servers to authenticate with Active Directory Kerberos using sssd on RHEL6. I also enabled GSSAPI authentication in hopes of passwordless logins.
But I can't seem to get Putty (0.63) to authenticate without a…
xdfil
- 481
- 2
- 6
- 15
9
votes
3 answers
Add GSSAPI to OpenLdap in supportedSASLMechanisms
I'm looking how to add the GSSAPI support into my OpenLDAP ?
Current setup
MIT Kerberos V + OpenLDAP
Kerberos bind to openldap
Able to issue kerberos tickets to my users (with kinit exampluser)
Able to ldapsearch -x uid=exampluser
Openldap…
Tolsadus
- 1,123
- 11
- 22
5
votes
1 answer
Can't get postgres and kerberos (gss) working together
I am trying to get postgres and kerberos, via GSSAPI, working together. Having trouble at this point. It does not help that I am really a newbie for both technologies. I have both postgres and kerberos working as expected separately, and am using…
Wanderer
- 151
- 1
- 1
- 5
4
votes
1 answer
Why is sshd engaging PAM still?
Background/Behavior is: if you ssh to box via and GSSAPI/Kerberos succeeds and you have a local user in /etc/passwd, you login fine per below PAM config. All Good there.
But if you don't have a local user in /etc/passwd but you can get a…
jouell
- 601
- 1
- 5
- 20
4
votes
0 answers
Cannot enable GSS-TSIG updates from Active Directory in BIND 9.10
I’m with a problem trying to enable GSS-TSIG with BIND 9.10.
Before I start describing what I’ve done, I would like to say that I’ve already done this in in another domain without any problems. So I think I’m missing something very specific. If…
Vinícius Ferrão
- 5,400
- 10
- 52
- 91
4
votes
2 answers
Is there a way to have tortisesvn use Windows 7 kerberos tickets to auth against an apache svn server?
I have putty able to use gssapi on my Windows 7 x64 clients against kerberos logins for SSH. I.e. it forwards the ticket you get when you log in to windows. I can't figure out how to get tortiseSVN to do the same. I can get it to prompt me for my…
jmp242
- 668
- 3
- 13
3
votes
1 answer
gssproxy: apache httpd as nfs-client? centos7
When Apache httpd attempts to access a user directory automounted with sec=krb5p, and presumably other sec=krb options, gssproxy issues a failure message and the web server replies with 403 Forbidden. The debug option on gssproxy has not been…
84104
- 12,698
- 6
- 43
- 75
3
votes
1 answer
Wrong user mapping in kerberized NFSv4 automounted homedirs
Short problem description
This question is about id mapping in NFSv4 going wrong.
NFS server: a Synology DS, with DSM 5.2.
Client: A regular FC22 machine, which automounts as /home one of the exported folders from above.
Both machines are enrolled…
cornuz
- 437
- 1
- 7
- 17
3
votes
1 answer
problems creating a keytab file on win server
I am trying to create a keytab file. i see a warning
WARNING: pType and account type do not match. This might cause problems.
The command i use is
ktpass -princ HTTP/bloodhound.domain.com@DOMAIN.COM -mapuser ldaplookup@domain.com -crypto…
shorif2000
- 357
- 1
- 7
- 26
3
votes
1 answer
SSH - slow authentication
This is more of a curiosity question then a problem at this point. I have resolved my problem which i'll post the solution that worked for me.
problem
I was getting rather slow authentication times when i attempted to log in from a windows 7 box…
au_stan
- 347
- 1
- 10
3
votes
1 answer
Openldap/Sasl/GSSAPI on Debian: Key table entry not found
The goal: to make an OpenLDAP server to authenticate using Kerberos V via GSSAPI
Setup: several virtual machines running on freshly installed/updated Debian Squeeze
A master KDC server
kdc.example.com
A LDAP server, running…
badbishop
- 898
- 3
- 11
- 21
2
votes
1 answer
Intermittent Kerberos failures: GSSAPI authentication initialization failed
When using MIT Kerberos Ticket Manager with PuTTY 0.65 and WinSCP 5.9.3, I am sometimes unable to get a connnection to the server I am logging into. PuTTY will respond with either No supported authentication methods available (server sent: ) or No…
Chris Watts
- 265
- 1
- 3
- 11
2
votes
2 answers
Apache SSO through Kerberos using Machine Account
I'm attempting to get Apache on Ubuntu 12.04 to authenticate users via Kerberos SSO to a Windows 2008 Active Directory server. Here are a few things that make my situation different:
I don't have administrative access to the Windows Server (nor…
watkipet
- 242
- 2
- 3
- 10
2
votes
3 answers
Wrong principal in request (SSH/ GSSAPI/Kerberos/Debian)
I've set up two VMs on an "internal" (in VirtualBox meaning) network, one being a DNS server (dns1.example.com) and the other - a KDC and Kerberos admin server (kdc.example.com). The default and the only realm is EXAMPLE.COM. Both machines use…
badbishop
- 898
- 3
- 11
- 21
2
votes
1 answer
OpenSSH + Kerberos SSO: No key table entry found for host/localhost.localdomain
SSO not working with OpenSSH - I have not been able to get GSSAPIAuthentication to work with Kerberos. Everytime I attempted to login, I kept getting prompted for the password.
During the troubleshooting, I initiated a debug here:
[foster@kvm0007…
Rilindo
- 5,058
- 5
- 26
- 46