Hi all,

A quick question before I start bugging the dev list: I'm using SL4.2 as
workstation and authenticate to a MIT kerberos5 server (no krb4 or 524
services), and use a homedir on our afs cell; To enable this in SL, I use
the pam_krb5 rpm, which is currently version 2.1.8-1. This works, except it
takes about half a minute before the authentication is done, and I'm
connected to my homedir.

Has anyone seens this on other sites? 

The problem seems to be in the pam_krb5 module which forces krb4 translation
when using afs...

Some relevant info:
-krb5.conf
pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
   krb4_get_tickets = false
 }

- pam.d/system-auth
auth sufficient /lib/security/$ISA/pam-krb5afs.so use_first_pass tokens (<-
not sure about the file, but options are correct)

Thank you in advance!

Hugo Meiland,
ICT Chemistry Department,
Leiden University,
The Netherlands