[Freeipa-users] ssh sso and automounted NFSv4 home directories
Rob Crittenden
rcritten at redhat.com
Tue Aug 11 20:33:18 UTC 2009
Fabián Lema wrote:
> Hello,
> I am trying to configure ssh for sso, following instructions in the
> "Client Configuration Guide". After I retrieve the keytab for the
> host/... principal, ssh works without passwords, but as the kerberos
> credentials are not forwarded (I think) the user is not able to access
> the home directory that's automounted from a NFSv4 witch kerberos
> enabled.
>
> Could not chdir to home directory /home/testj: Permission denied
> -bash: /home/testj/.bash_profile: Permission denied
> -bash-4.0$ ls -l /home
> total 8
> drwxr-x--x 31 testj otros 4096 2009-08-11 15:33 testj
> -bash-4.0$ logout
> -bash: /home/testj/.bash_logout: Permission denied
>
>
> The automounted home directories work ok when a user login in a
> workstation (gdm or text console), and if I don't retrieve the host/
> principal, ssh also works (asking for password).
> I believe this has something to do with ssh not forwarding kerberos
> ticket or something like that.
> Please, can anyone help me with this?
You could try adding the -K flag to ssh. This will enable kerberos
delegation.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20090811/ebef0291/attachment.bin>
More information about the Freeipa-users
mailing list