Hi everyone, I'm using an NFS v4 export (sec=sys with root_squash enabled) to store my users home directories. I'd like to use a ".k5login" file for a particular user.
My users are authenticating throw SSH using GSS-API, and user "[email protected]" is trying to connect to account "[email protected]". In Alice's home I do have a k5login file (something like /nfs/home/alice/.k5login) with the following content: ``` [email protected] [email protected] ``` When bob tries to connect as alice, this does not work (I was expecting this to fail). I've tried to set `k5login_directory` to a local directory in my server's krb5.conf and everything works as expected. The problem seems that the ssh daemon can't access /nfs/home/alice/.k5login because of the root_squash and the /nfs/home/alice directory permissions (0750). I'm wondering what is the recommended way to use k5login files with users home stored in NFS filesystems with root_squash option enabled ? Is that even possible (how ssh daemon can access a k5login file inside an NFS share with root_squash) ? Thanks Cheers RĂ©mi ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
