Hello,
I have a fedora core 11 server with kerberos all set up and working. I can log in to the machine with domain accounts without a problem. SSH, however, is not working correctly. I believe the issue is with supplying the domain, more specifically - the domain separator.
When trying: DOMAIN/user.name
/var/log/secure: input_userauth_request: invalid user DOMAIN
When trying: DOMAIN\user.name
/var/log/secure: input_userauth_request: invalid user DOMAINuser.name
When trying: DOMAIN+user.name
/var/log/secure: input_userauth_request: invalid user DOMAIN+user.name
for each attempt I have changed the winbind separator option to the character used.
Here is my sshd_config:
Code:
Protocol 2
SyslogFacility AUTHPRIV
RSAAuthentication no
PubkeyAuthentication no
PasswordAuthentication yes
ChallengeResponseAuthentication no
KerberosAuthentication yes
KerberosOrLocalPasswd yes
KerberosTicketCleanup yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
X11Forwarding yes
Subsystem sftp /usr/libexec/openssh/sftp-server
Any ideas?
Thanks,
Ryan