I tried to follow your instructions at:
http://www-oss.fnal.gov/projects/fermilinux/common/kerberos.html,
installed all the 8 rpms on a RHEL4 workstation at Princeton but ssh to
Fermilab unix systems did not work. I am sure other people must have
experienced similar problems. I would to share how I made it working and
would welcome ideas to improve the steps:
a) All the three krb5 rpms installed fine but kinit -Af [log in to unmask]
would not work until I opened all the ports from FNAL (131.225.0.0/16)
network. I don't think we need to open all the ports, if you know
precisely which ones please let me know.
b) When I installed all the openssh-*.SLF.*.rpm on my workstation, I was
no longer able to ssh into my workstation using other RHEL-distributed
ssh clients. I tried installing only openssh-clients SLF package but it
failed due to dependency problems. I used --nodeps switch:
rpm -U --nodeps openssh-clients-3.9p1-8.SLF.4.18.i386.rpm
The package installed fine and seems to be working with existing
RHEL-distributed dependent rpms. I had the impression that RHEL and FNAL
ssh rpms install in their own sub-dirs and can co-exist, but apparently not.
Only after these variations from the doc in the above referred webpage,
kinit worked and I could ssh to FNAL Unix systems without
password/cryptocard.
Vinod
Princeton