[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: pam and kerberos + xlock on Debian

On Fri, Nov 16, 2001 at 09:27:49AM -0500, Sam Hartman wrote:

> So, you can't really do this securely without having read access to
> /etc/krb5.keytab.  The problem is that  you cannot verify the TGT  you

But we have no /etc/krb5.keytab (and I don't know what in this file should
be -- there is nothing about it in any documentation I have read, i.e. man
pages and /usr/share/doc). What should be in this file?

There is installed potato on most of our computers but we have also woody
installed on some machines. On both types of systems we have installed
Kerberos from woody. We tried to temporarily solve our problem with
setting suid bit on the xlock binary. Then the authentication with
Kerberos works fine on potato installed machines but it does not work on
woody. So we tried to install xlockmore-gl from potato (ver. 4.15-10) on
woody but it took no effect. The authentication does not work. Don't you
have any idea how to make it work?

Thank you for any advice

Marcel Kolaja                              http://www.fi.muni.cz/~xkolaja/
NLPlab FI MU                                        http://nlp.fi.muni.cz/
"It Has To Work."       -- RFC 1925

Reply to: