Kerberos and PAM
Hi,
I recently brought up a test box running Redhat 9 that authenticates against our Windows 2000 Active Directory controllers using kerberos. The authentication works perfectly, but I keep recieving annoying messages in my logs: Sep 22 19:40:40 skynet sshd(pam_unix)[19627]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=box1.network.net user=macdude Sep 22 19:40:40 skynet sshd[19627]: pam_krb5: authentication succeeds for `macdude' Sep 22 19:40:40 skynet sshd(pam_unix)[19628]: session opened for user macdude by (uid=0) As you can see the login succeeds, but a failure is recorded. I recieve an almost identical error message when logging in via the console. Not a big deal, but it clutters up my logs. Any help would be appreciated. P.S. Does anyone know if openSSH 3.7.x supports kerberos authentication with the SSH 2 protocol? If so, do you know of any FREE SSH Clients for Windows that support kerberos authentication. I'm attempting to implement single sign on....... |
"debug" settings in pam config?
|
I figured it out. In the auth section of /etc/pam.d/system-auth I placed the kerberos line ABOVE pam_unix - and the errors went away.
|
All times are GMT -5. The time now is 02:10 AM. |