2014-03-23 19:45 GMT-04:00 Dmitri Pal <[email protected]> > 2014-03-23 9:01 GMT+01:00 John Obaterspok <[email protected]>: > > > > Hello, > > > > How do I get vsftpd login to work with an existing ticket? > > I've added ftp as an identity service (ftp/[email protected]) > > Is there anything else I need to do to allow ftp login to vsftpd? > > What ftp client and server are you using? > Do you know whether they are actually supporting Kerberos? > May be consider other tools like scp instead?
I'm using vsftpd with default settings in Fedora 20 + ftp client from krb5-appl-clients. vsftpd is linked to pam, gssapi_krb5, and more. /etc/pam.d/vsftpd looks like this: #%PAM-1.0 session optional pam_keyinit.so force revoke auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed auth required pam_shells.so auth include password-auth account include password-auth session required pam_loginuid.so session include password-auth Perhaps I need to change something in the pam file in order to allow sso? -- john _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
