[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Solaris 10, GSSAPI and fqhn
----- Original Message -----
From: Andreas Haupt <email@example.com>
Date: Wednesday, February 16, 2005 1:40 am
Subject: Solaris 10, GSSAPI and fqhn
> I'm experiencing problems with logging into a Solaris 10 machine
> OpenSSH 3.9p1 and authenticating against GSSAPI. The OpenSSH Server
> prints the following error messages to the logfile in debug mode:
> Feb 16 08:55:32 nike sshd: [ID 800047 auth.debug] debug2:
> input_userauth_request: try method gssapi-with-mic
> Feb 16 08:55:32 nike sshd: [ID 800047 auth.debug] debug1:
> Miscellaneous failure (see text)\nunable to find realm of host nike
Have you created a krb5.conf that states the default realm or have a TXT record in your DNS so the system can look up its default realm?
> Feb 16 08:55:32 nike sshd: [ID 800047 auth.info] Failed
> gssapi-with-mic for ahaupt from 126.96.36.199 port 55502 ssh2
> This problem I know from earlier Solaris versions as well. After a
> installation there is only a host entry without the fqhn in
> Correcting this always helped...
> resolv.conf and nsswitch.conf are set up exactly as on our Solaris
> machines. The only thing that helps by now (on the Solaris 10
> machine) is
> setting the host name to the fqhn with the 'hostname' command. But
> isn't needed on Solaris 8!
> The used heimdal version (0.6.3) was compiled on Solaris 8. Might
> this be
> the problem?
> Thanks in advance
> | Andreas Haupt | E-Mail: firstname.lastname@example.org
> | DESY Zeuthen | WWW:
> http://www.desy.de/~ahaupt| Platanenallee 6 |
> Phone: +49/33762/7-7359
> | D-15738 Zeuthen | Fax: +49/33762/7-7216