Subject: | |
From: | |
Reply To: | |
Date: | Tue, 31 Jan 2006 09:30:24 +0100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Hi all,
A quick question before I start bugging the dev list: I'm using SL4.2 as
workstation and authenticate to a MIT kerberos5 server (no krb4 or 524
services), and use a homedir on our afs cell; To enable this in SL, I use
the pam_krb5 rpm, which is currently version 2.1.8-1. This works, except it
takes about half a minute before the authentication is done, and I'm
connected to my homedir.
Has anyone seens this on other sites?
The problem seems to be in the pam_krb5 module which forces krb4 translation
when using afs...
Some relevant info:
-krb5.conf
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
krb4_get_tickets = false
}
- pam.d/system-auth
auth sufficient /lib/security/$ISA/pam-krb5afs.so use_first_pass tokens (<-
not sure about the file, but options are correct)
Thank you in advance!
Hugo Meiland,
ICT Chemistry Department,
Leiden University,
The Netherlands
|
|
|