Hi mate, I have pasted the configuration file already. Here's the link: http://mailman.mit.edu/pipermail/kerberos/2011-January/016849.html.
Thanks. Eric On Tue, Jan 4, 2011 at 6:01 PM, Brian Candler <[email protected]> wrote: > On Tue, Jan 04, 2011 at 05:43:22PM +0800, Lee Eric wrote: >> Thanks mate. Is there anything wrong with my configuration file? > > I couldn't see anything, but please run the sshd -p99 test I specified. That > will almost certainly tell you in plain English what the problem is. > >> furthermore, how do you create your keytab? > > On the target ssh server: > > kadmin -p someone/admin > addprinc -randkey host/server.example.com > ktadd host/server.example.com > ^D > > Regards, > > Brian. > > P.S. if for some reason you can't do it there, then do it somewhere else but > write the key out to a different file: > > ktadd -k /tmp/server.example.com.keytab host/server.example.com > > Then copy this file to the ssh server as /etc/krb5.keytab > > Make sure it is fully protected! > chown 0:0 /etc/krb5.keytab > chmod 400 /etc/krb5.keytab > > And securely delete the intermediate copy: > shred -u /tmp/server.example.com.keytab > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
