Kerberos PAM Configuration
This document describes how to configure PAM to accept Kerberos password
authentication.
Please read through these instructions once before installing so you
are familiar with some of the setup options. The commands shown below
will need to be executed as "root".
If there are any questions or problems with this document, or an
installation, then please contact
kerberos@ncsa.uiuc.edu.
Kerberos PAM setup
This option will allow you to log in remotely or at the console with your
Kerberos/AFS password. It will also get you a Kerberos ticket when logging
in.
First make sure that you have a pam_krb5 RPM installed. Run
"rpm -qa | grep pam" and see whether pam_krb5 shows up. It should look
something like pam_krb5-1.46-1. If it's not installed then you can
install a version from the linux.ncsa.uiuc.edu FTP server (contact your
system administrator if you have problems doing this).
Note:
Newer versions of PAM use system-auth as the master configuration file.
If you are using an older version, you will need to add the following lines
to the appropriate PAM file (login, sshd, etc.).
Add the following line to the /etc/pam.d/system-auth file in the auth section.
It should go directly after the pam_unix.so line (or after the afs line as in
the sample file).
auth sufficient /lib/security/pam_krb5.so use_first_pass forwardable
Add the following line to the /etc/pam.d/system-auth file in the password
section directly under the pam_unix.so line.
password sufficient /lib/security/pam_krb5.so use_authtok
Add the following line to the /etc/pam.d/system-auth file in the session
section directly under the pam_unix.so line.
session optional /lib/security/pam_krb5.so
Once these changes are made, your configuration file should look something
like this sample system-auth file.
Note:
The order of the libraries in each section (auth, password, session) is
important.
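The placement rules above can be checked mechanically. The following Python
sketch is an added example, not part of the original NCSA page or its sample
file; the function names and the sample file contents are constructed for
illustration, and it checks only the pam_unix.so placement (the AFS variant of
the auth section would be reported as a deviation).

```python
# Added example (not NCSA code): check a system-auth file against the steps above.
EXPECTED = {  # section -> (control flag, options the instructions call for)
    "auth": ("sufficient", {"use_first_pass", "forwardable"}),
    "password": ("sufficient", {"use_authtok"}),
    "session": ("optional", set()),
}
def parse_pam(text):
    """Return {section: [(control, module file, options)]}; simple control flags only."""
    stacks = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments; blank lines yield []
        if len(fields) >= 3:
            module = fields[2].rsplit("/", 1)[-1]
            stacks.setdefault(fields[0], []).append((fields[1], module, set(fields[3:])))
    return stacks

def check_krb5(text):
    """List deviations from the instructions; an empty list means none were found."""
    problems, stacks = [], parse_pam(text)
    for section, (want_control, want_opts) in EXPECTED.items():
        stack = stacks.get(section, [])
        modules = [module for _, module, _ in stack]
        if "pam_krb5.so" not in modules:
            problems.append(f"{section}: pam_krb5.so missing")
            continue
        i = modules.index("pam_krb5.so")
        control, _, opts = stack[i]
        if i == 0 or modules[i - 1] != "pam_unix.so":
            problems.append(f"{section}: pam_krb5.so not directly after pam_unix.so")
        if control != want_control:
            problems.append(f"{section}: control is {control}, expected {want_control}")
        if not want_opts <= opts:
            problems.append(f"{section}: missing options {sorted(want_opts - opts)}")
    return problems

# Constructed sample (not the NCSA sample system-auth file).
GOOD = """\
auth     required   /lib/security/pam_env.so
auth     sufficient /lib/security/pam_unix.so likeauth nullok
auth     sufficient /lib/security/pam_krb5.so use_first_pass forwardable
auth     required   /lib/security/pam_deny.so
password sufficient /lib/security/pam_unix.so nullok md5 shadow
password sufficient /lib/security/pam_krb5.so use_authtok
session  required   /lib/security/pam_unix.so
session  optional   /lib/security/pam_krb5.so
"""
# Misordered variant: pam_krb5.so lands after the required pam_deny.so, so the
# stack has already recorded a failure before Kerberos is tried.
_l = GOOD.splitlines(keepends=True)
BAD = "".join(_l[:2] + [_l[3], _l[2]] + _l[4:])
```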
Questions or comments about this page may be sent to Kerberos@ncsa.uiuc.edu