Problem with Kerberos auth on AIX 5.3
Chapman, Kyle
Kyle_Chapman at G1.com
Fri Feb 6 08:49:53 EST 2009
Have you tried the binary stuff off:
http://sourceforge.net/project/showfiles.php?group_id=127997
Its not the latest, however it works (krb5 support as well). Have you
also tried to build while using the ibm supplied MIT distro (its on the
aix expansion kit cd)?
-----Original Message-----
From: openssh-unix-dev-bounces+kyle_chapman=g1.com at mindrot.org
[mailto:openssh-unix-dev-bounces+kyle_chapman=g1.com at mindrot.org] On
Behalf Of Dop
Sent: Thursday, February 05, 2009 4:37 PM
To: openssh-unix-dev at mindrot.org
Subject: Problem with Kerberos auth on AIX 5.3
I've been banging my head against this for a few days so I thought I'd
see if anyone has an idea of what's going on.
AIX 5.3
OpenSSH 5.1p1
MIT Kerberos 1.6.3
zlib 1.2.3
Built with CC=cc and LDFLAGS=-brtl
When the client attempts to enter their kerberos password the daemon
rejects it with the following message:
debug1: Kerberos password authentication failed: Not enough space.
If you try again the message changes to:
debug1: Kerberos password authentication failed: There is not enough
memory available now.
I tracked that down to auth-krb5.c and a call to
krb5_sname_to_principal(). If you comment out that call kerberos
password authentication works just fine. Unfortunately, that's not a
good long term solution. It smells like some crazy AIX memory
allocation problem to me. The ulimit settings appear fine and that's
about the limit of my AIX knowledge.
Any thoughts?
Thanks,
Mike
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
NOTICE: This E-mail may contain confidential information. If you are not
the addressee or the intended recipient please do not read this E-mail
and please immediately delete this e-mail message and any attachments
from your workstation or network mail system. If you are the addressee
or the intended recipient and you save or print a copy of this E-mail,
please place it in an appropriate file, depending on whether
confidential information is contained in the message.
More information about the openssh-unix-dev
mailing list