[Bug 268186] Kerberos authentication fails with a Linux/FreeIPA KDC
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 268186] Kerberos authentication fails with a Linux/FreeIPA KDC"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 17 Dec 2022 04:59:46 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268186 --- Comment #26 from Cy Schubert <cy@FreeBSD.org> --- (In reply to amendlik from comment #25) This is likely because of some customization FreeIPA made to their MIT KRB5. Red Hat does this too. Rather than give you a precise and factual description of libraries, think of them as "helpers" for an application. The Heimdal libraries ("helpers") implement the KRB5 protocol differently than the MIT "helpers" do. You can see the libraries ("helpers") associated with a app by running ldd against the app or against another library. What are the following set in your sshd_config? GSSAPIAuthentication KerberosAuthentication Though even if those are set to "no," the Heimdal libraries are still loaded and can still interfere with authentication because Heimdal function names are the same as MIT function names -- reason for the patch I posted earlier. -- You are receiving this mail because: You are the assignee for the bug.