Dear Russ,
thanks a lot!
If I put [EMAIL PROTECTED] first in .k5login it works with password authentication.
Nice workaround! Or isn't it a bug but a feature!?
What I would expect is that it takes the principal given as user for ssh and doesn't touch .k5login if Kerberos authentication fails...
Anyway the problem seems not to be the package, but upstream.
Timm
Russ Allbery wrote:
With the stock Kerberos v5 libraries, the last that I checked (which admittedly was some time ago), various things interact so that password authentication is only checked against the first listed principal in .k5login. Could you try putting your principal first in that file and see if that resolves the problem? (I'm not sure if that's subsequently been fixed in K5, but if not, it would explain this.)
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
