Derek Harkness wrote:
> I upgraded a test workstation to 4.0, I compiled two versions one with
> kerberos+afs support and another with just PAM. The goal is to be able
> to login using kerberos and get an afs token.

> The bigger problem is the PAM integration. When I login using just PAM
> I am able to get logged in but neither my kerberos tickets or my afs
> tokens are set. Just wondering if anyone has a suggestion on getting
> this working. Since I have far to many server with ssh to request
> keytabs for all of them.

Try forcing sshd to use password authentication (ie
"PasswordAuthentication yes" and "ChallengeResponseAuthentication no"

For the gory details on why this might make a difference, see:

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.