Hi guys,
i'm facing some trouble when i do ssh to a CentOS 6.2 machine using AD authentication. I am using SSSD, with krb5.conf and sssd.conf, well configured (tested in other OS, like RHEL). The account information comes when i make id or getent passwd. Seems something with ssh and kerberos troubles.
I have already set 777 permission on /tmp and disabled SElinux, like logs indicates permission issue, but didn't get sucess. Have tried an update but in vain too.
The krb5.child log is:
Can anyone help me?
Thanks,
Hugo Lima.
On Wed, Dec 12, 2012 at 12:26:11PM -0200, Hugo Lima wrote:
Hi guys,
i'm facing some trouble when i do ssh to a CentOS 6.2 machine using AD authentication. I am using SSSD, with krb5.conf and sssd.conf, well configured (tested in other OS, like RHEL). The account information comes when i make id or getent passwd. Seems something with ssh and kerberos troubles.
I have already set 777 permission on /tmp and disabled SElinux, like logs indicates permission issue, but didn't get sucess. Have tried an update but in vain too.
The krb5.child log is:
Can anyone help me?
Thanks,
Hugo Lima.
Hi Hugo, It seems you forgot to paste or attach the krb5 child log?
On Wed 12 Dec 2012 12:59:21 PM EST, Jakub Hrozek wrote:
On Wed, Dec 12, 2012 at 12:26:11PM -0200, Hugo Lima wrote:
Hi guys,
i'm facing some trouble when i do ssh to a CentOS 6.2 machine using AD authentication. I am using SSSD, with krb5.conf and sssd.conf, well configured (tested in other OS, like RHEL). The account information comes when i make id or getent passwd. Seems something with ssh and kerberos troubles.
I have already set 777 permission on /tmp and disabled SElinux, like logs indicates permission issue, but didn't get sucess. Have tried an update but in vain too.
The krb5.child log is:
Can anyone help me?
Thanks,
Hugo Lima.
Hi Hugo, It seems you forgot to paste or attach the krb5 child log?
It came through as an image. It reads (minus timestamps):
[krb5_child_setup] (0x0020): 1395: [13][Permission denied] [main] (0x0020): krb5_child_setup failed.
I spoke to him about this privately elsewhere (and forwarded him here). There is no issue with perms on /tmp or SELinux getting in the way. I'm not sure what else might be going on here.
Hugo, can you include your (sanitized) sssd.conf?
sssd-users@lists.fedorahosted.org
-
Hugo Lima -
Jakub Hrozek -
Stephen Gallagher