Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 03-07-2006, 11:58 AM   #1
Registered: Jan 2005
Distribution: fedora, redhat, gentoo, suse
Posts: 30

Rep: Reputation: 15
Preauthentication fails with on debian

I can get this to work on a Fedora Core 3 box in less than a minute. I've been trying to do the same thing on debian for a week with no luck.

I want to use a kerberos password to login to linux. The KDC is Windows Server 2K3. the linux boxes are all using LDAP throuh active directory.

When i try to log in on a debian machine I get this error:

Mar 7 11:39:18 machine sshd[14948]: Illegal user test from ::ffff:
Mar 7 11:39:20 machine sshd[14948]: (pam_unix) check pass; user unknown
Mar 7 11:39:20 machine sshd[14948]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost.localdomain
Mar 7 11:39:20 machine sshd[14948]: pam_krb5: pam_sm_authenticate(ssh test): entry:
Mar 7 11:39:20 machine sshd[14948]: pam_krb5: pam_sm_authenticate(ssh test): krb5_get_init_creds_password(): Preauthentication failed
Mar 7 11:39:20 machine sshd[14948]: pam_krb5: pam_sm_authenticate(ssh test): exit: failure
Mar 7 11:39:22 machine sshd[14948]: error: PAM: Permission denied for illegal user test from localhost.localdomain
Mar 7 11:39:23 machine sshd[14948]: Failed keyboard-interactive/pam for illegal user test from ::ffff: port 33531 ssh2

Preauthentication Failed.... what does debian need to preauthenticate that Fedora doesn't?
The clocks are all in sync with ntp. I can kinit with the user fine.
I can ldap with the user and bind with the ldap bind account.

getent passwd and getent shadow work as they should.

auth sufficient nullok_secure
auth sufficient try_first_pass debug

account sufficient
account sufficient

session sufficient
session sufficient

What am i doing wrong????


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
pam_krb5 won't retrieve a kerberos ticket Thakowbbery Conectiva 1 01-10-2007 06:20 AM
Debian-Sarge never fails to surprise me........ Monkey 9 Debian 7 12-08-2005 07:40 AM fails to retreive ticket nilecirb Linux - Networking 0 07-30-2005 12:06 AM
pam_mount + pam_winbind + pam_krb5. All in one (?) Thakowbbery Linux - Networking 2 06-15-2005 07:49 AM
pam_krb5 source code mbtoys Linux - Networking 0 08-27-2003 08:54 AM

All times are GMT -5. The time now is 10:16 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration