From nobody Sat Feb 17 21:12:54 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TchN96FVwz59hB5 for ; Sat, 17 Feb 2024 21:12:57 +0000 (UTC) (envelope-from mvoorhis@gmail.com) Received: from mail-oi1-x231.google.com (mail-oi1-x231.google.com [IPv6:2607:f8b0:4864:20::231]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TchN935n1z4bQx for ; Sat, 17 Feb 2024 21:12:57 +0000 (UTC) (envelope-from mvoorhis@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-oi1-x231.google.com with SMTP id 5614622812f47-3bbb4806f67so2164329b6e.3 for ; Sat, 17 Feb 2024 13:12:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708204375; x=1708809175; darn=freebsd.org; h=in-reply-to:from:references:to:content-language:subject:cc :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=YK6IZsbcyaVH69i4t0OQFYXebyCa6FylQnf76trctHc=; b=huf/RlYL53Bo7lMU6NqOu/legzCX3ffEjDDb4F+mi1YzV0uGB1K0+pJjRobFsRPsbx WNX1lvlY05ngtLiVi8EcsZyESmfScBo9ooDKY8qhop2okdTqukJfr4730BAf/W3lAGgV /lfp21mDhW1vZu/tikPTh+yyuJNfamzKYtOzKWPg4hvzTVYu5+2NQDz0GofVaZ+OeI0e 1P9cqedc41q3YC8T++kUYGG1O/dVrapNMo84dwV9MktyasyospKAdkw0O5IAcoc3eF00 1hB9xZde4FwxJ6qYWfyAVY1uWFw+9OuOeOpl/IwlAt/ssWH2FAzrr+iaVmsYMxhrtskt P/IQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708204375; x=1708809175; h=in-reply-to:from:references:to:content-language:subject:cc :user-agent:mime-version:date:message-id:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=YK6IZsbcyaVH69i4t0OQFYXebyCa6FylQnf76trctHc=; b=kldP7cpk49nbb/EYkWELZTpODSX7gxFOO5Lsx+/Y40GtT1lWpxVTRLJr8Bb5AqQIF8 qTAYMTDWbsScuii3dfOlBuEcLVGfs3qWuWUKAt+BrHuKRByGYO8pzqIjwnsgXaMN0Acw VtTXb2zBuDJdIsAr29v0pB1qbmgYiriIVQgaE/Qp6tOXRXVqSNY6Mda23plEXBn+epYD /s7JnMjlft+w98Amq+3FA7XomMzVikgDUWb1CnFwTWo0LXliTkXPY0IrJaKPOfRCDDsa 8V28SJyGlZC7Ew/zCkhVzJpN+EUutZoCr7Ug/jpQn9o9bJjIj1wQgcrFePk4DALLUTQI na+g== X-Gm-Message-State: AOJu0YyXnLdo8qNS9VSWxUh+XHoNaQtaWhC6+xfRpNCbgMIX5QWXWLo0 2cQmRB+0UlXMEwA0wpoLbe/UE3AaqtpwpkP6JE9Dm/E0qexmMegFlHpB60yQ X-Google-Smtp-Source: AGHT+IExs2VzJ2fQgwLGdfY5+xWBjdLotFdJK1wE5Mg0LBGdGOpJT3Gi5O/CVSUqjRPVgaEo0q9eOQ== X-Received: by 2002:a05:6808:1410:b0:3c0:7efa:fd4f with SMTP id w16-20020a056808141000b003c07efafd4fmr11672455oiv.1.1708204375214; Sat, 17 Feb 2024 13:12:55 -0800 (PST) Received: from ?IPV6:2600:6c64:627f:8dcf:501d:cd30:e3a1:2248? (2600-6c64-627f-8dcf-501d-cd30-e3a1-2248.inf6.spectrum.com. [2600:6c64:627f:8dcf:501d:cd30:e3a1:2248]) by smtp.gmail.com with ESMTPSA id q26-20020ae9e41a000000b00783ce19f9e6sm1108338qkc.57.2024.02.17.13.12.54 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 17 Feb 2024 13:12:54 -0800 (PST) Content-Type: multipart/alternative; boundary="------------KpZoGFQKpnaMaGu3gGoQKS01" Message-ID: Date: Sat, 17 Feb 2024 16:12:54 -0500 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Cc: mvoorhis@gmail.com Subject: Re: openPAM and Kerberos in FreeBSD13 Content-Language: en-US To: freebsd-questions@FreeBSD.org References: From: Michael Voorhis In-Reply-To: X-Spamd-Bar: ---- X-Rspamd-Queue-Id: 4TchN935n1z4bQx X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] This is a multi-part message in MIME format. --------------KpZoGFQKpnaMaGu3gGoQKS01 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Sorry, should have mentioned: Yes, I did use the "debug" option when working with files in /etc/pam.d/[...] . On 2/17/24 16:02, Michael Voorhis wrote: > The PAM-failing client machine has a keytab file with a dedicated > host-key so the KDC knows about it. PAM provides no useful errors of > any kind. --------------KpZoGFQKpnaMaGu3gGoQKS01 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit Sorry, should have mentioned: Yes, I did use the "debug" option when working with files in /etc/pam.d/[...] .

On 2/17/24 16:02, Michael Voorhis wrote:
> The PAM-failing client machine has a keytab file with a dedicated > host-key so the KDC knows about it. PAM provides no useful errors of > any kind.

--------------KpZoGFQKpnaMaGu3gGoQKS01--