[Gllug] Kerberos
Richard Lewis
richardlewis at fastmail.co.uk
Tue Nov 2 10:26:36 UTC 2010
At Tue, 2 Nov 2010 01:48:57 +0000,
Bruce Richardson wrote:
>
> [1 <multipart/signed (7bit)>]
> [1.1 <text/plain; us-ascii (quoted-printable)>]
> On Mon, Nov 01, 2010 at 10:54:40PM +0000, Richard Lewis wrote:
> >
> > I tried commenting out a line in /etc/pam.d/common-password:
> >
> > #password requisite pam_krb5.so minimum_uid=1000
> > password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
> >
> > But I'm not whether: a) this has been effective; or b) would solve the
> > problem anyway.
>
> It will have stopped the system from trying to change kerberos
> passwords. You should check the other common-* files in /etc/pam.d for
> mention of kerberos.
>
> Did somebody set this up for you? How did kerberos come to be specified
> in your pam configs if not?
>
The VDS came with Debian stable pre-configured, and I've upgraded it
since, and kept it quite recent.
Anyway, it seems I was on the right lines. I tried dpkg-reconfiguring
some PAM-related packages today and:
$ sudo dpkg-reconfigure libpam-runtime
has done the trick. It offered me a choice of PAM modules to
enable/disable: Kerberos and UNIX passwords. So I disabled Kerberos
and my initial problem is fixed and (so far) nothing else is broken.
Best,
Richard
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Richard Lewis
ISMS, Computing
Goldsmiths, University of London
Tel: +44 (0)20 7078 5134
Skype: richardjlewis
JID: ironchicken at jabber.earth.li
http://www.richardlewis.me.uk/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list