- 论坛徽章:
- 0
|
用kerberos 用户 ssh登录一台主机还是提示密码, 输入kerberos用户密码则登录成功, klist也能看到ticket。就这一台主机提示密码,其他4台主机会直接登录成功。
不知道问题出在哪里。
ssh server log:
# cat secure
Jan 5 23:55:48 avatar sshd[2588]: Connection closed by 10.66.172.219
Jan 5 23:55:51 avatar sshd[2636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=kerberos.guohua.com user=guohua
Jan 5 23:55:51 avatar sshd[2636]: pam_krb5[2636]: TGT verified using key for 'host/avatar.guohua.com@GUOHUA.COM'
Jan 5 23:55:51 avatar sshd[2636]: pam_krb5[2636]: authentication succeeds for 'guohua' (guohua@GUOHUA.COM)
Jan 5 23:55:51 avatar sshd[2636]: Accepted password for guohua from 10.66.172.219 port 39260 ssh2
Jan 5 23:55:51 avatar sshd[2636]: pam_unix(sshd:session): session opened for user guohua by (uid=0)
sshclient: ssh -vvv guohua@avatar.guohua.com
debug2: we did not send a packet, disable method
debug1: Next authentication method: gssapi-with-mic
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
guohua@avatar's password:
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=ibus
debug2: channel 0: request env confirm 0
debug1: Sending env LANG = en_US.utf8
debug2: channel 0: request env confirm 0
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login:
|
|