FreeBSD 8.2 (i386): sasltauthd -a kerberos5 does not work
Dan White
dwhite at olp.net
Wed May 4 10:04:21 EDT 2011
On 04/05/11 09:01 +0200, Martin Schweizer wrote:
>Hello
>
>My system:
>FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Apr 29 15:58:00 CEST
>2011 martin at acsvfbsd04:/usr/obj/usr/src/sys/GENERIC i386
>
>acsvfbsd04# pkg_info|grep sasl
>cyrus-sasl-2.1.23 RFC 2222 SASL (Simple Authentication and Security Layer)
>cyrus-sasl-saslauthd-2.1.23 SASL authentication server for cyrus-sasl2
>
>In /etc/rc.conf I have:
>saslauthd_enable="YES"
>saslauthd_flags="-a kerberos5"
>
>In /var/log/auth.log I get always:
>May 4 08:44:24 acsvfbsd04 saslauthd[38396]: do_auth : auth failure:
>[user=martin] [service=imap] [realm=] [mech=kerberos5]
>[reason=krb5_verify_user_opt failed]
>
>
>All the Kerberos5 stuff is working because I can use sasltauthd -a pam
>(which use the FreeBSD modul pam_kerb5). So it's not a Kerberos
>related problem.
>
>PS: On a amd64 plattform the same setup is working... So it seems to
>be 32 bit problem...
Which kerberos library was saslauthd compiled with? Does that differ from
the library that pam_kerb5 was compiled with?
Does running saslauthd in debug mode provide additional information? Do you
see anything in your KDC logs?
--
Dan White
More information about the Cyrus-sasl
mailing list