Please help: Compiling/configuring OpenSSH on SunOS 5.5.1 with AFS

Ernst Boetsch Ernst.Boetsch at lrz-muenchen.de
Thu Jan 17 20:03:30 EST 2002 

Hello *,


i have some problems to compile/configure OpenSSH on SunOS 5.5.1
with AFS.  See the attachment for the compile environment.

The programs compile fine and token passing is without problems.

Unfortunately it is not possible to login without a valid token
(`Permission denied.').
There is following message in the syslog:

	Kerberos v4 TGT for ... unverifiable: Principal unknown (kerberos); rcmd.wsc33 not registered, or srvtab is wrong?
	Failed password for ... from ...

If i use an old ssh-1.2.27 with the patch from Dug Song (many thanks)
and security fixes i have no problems:

	Kerberos V4 TGT for ... unverifiable: Principal unknown (kerberos); rcmd.wsc33 not registered, or srvtab is wrong?
	Password authentication for ... accepted.


Any hint is appreciated very much since i am not familiar with AFS or
Kerberos programming.

Did i miss something?  E.g. i could not find a `README.AFS'.


Thanks in advance.

Kind regards,
    Ernst Boetsch

-- 
*******************************************************************
Ernst N. Boetsch                      |  Leibniz Computer Center
                                      |     of the Bavarian Academy
Email: Ernst.Boetsch at lrz-muenchen.de  |     of Sciences
Phone: +49 89 289-28831 (/-28784)     |  Barer Strasse 21
Fax:   +49 89 2809460                 |  D-80333 Muenchen, Germany



########################################################################

Compile environment:

 * uname -a:
   SunOS wsc33 5.5.1 Generic_103640-35 sun4u sparc SUNW,Ultra-2

 * zlib-1.1.3, krb4-1.1, openssl-0.9.6c

 * /opt/SUNWspro/bin/cc

 * `openssh-3.0.2p1' with the AFSPassTokenBeforeAuth patch
   of Serge Droz (it is very important for me, many thanks).

 * Configure information:

OpenSSH has been configured with the following options:
                 User binaries: /sw/sun4_55/Security/openssh-3.0.2p1
               System binaries: /sw/sun4_55/Security/openssh-3.0.2p1
           Configuration files: /usr/local/etc/openssh
               Askpass program: /sw/sun4_55/Security/openssh-3.0.2p1/ssh-askpass
                  Manual pages: /sw/sun4_55/Security/openssh-3.0.2p1/man/manX
                      PID file: /usr/local/etc/openssh
        sshd default user PATH: /usr/bin:/usr/ucb:/usr/local/bin:/client/bin
      Random number collection: Builtin (timeout 200)
                Manpage format: man
                   PAM support: no
            KerberosIV support: yes
             Smartcard support: no
                   AFS support: yes
                 S/KEY support: no
          TCP Wrappers support: yes
          MD5 password support: no
   IP address in $DISPLAY hack: no
      Use IPv4 by default hack: yes
       Translate v4 in v6 hack: no

              Host: sparc-sun-solaris2.5.1
          Compiler: /opt/SUNWspro/bin/cc
    Compiler flags: -O
Preprocessor flags: -I/client/include -I/client/include -I/usr/local/include -I/usr/afsws/include
      Linker flags: -R/client/lib -L/client/lib -s -z muldefs -L/client/lib -R/client/lib -L/usr/local/lib -R/usr/local/lib -L/usr/afsws/lib
         Libraries: -lkafs -lresolv -ldes -lkrb -lwrap -lz -lsocket -lnsl  -lcrypto -ldes

More information about the openssh-unix-dev mailing list