SASL AuthN to LDAP
Brian Candler
b.candler at pobox.com
Wed Oct 19 13:01:40 CEST 2016
On 19/10/2016 11:57, Brian Candler wrote:
> As an aside, I wonder if someone can answer this question. Can
> freeradius itself fetch and refresh its own kerberos tickets using a
> keytab?
Argh. As soon as I posted, I realised the problem: the keytab was only
readable by root.
I set a location and permissions to make it readable:
# ls -l /etc/radiusd.keytab
-rw-r----- 1 root freerad 386 Oct 19 10:59 /etc/radiusd.keytab
and now:
KRB5_CLIENT_KTNAME=/etc/radiusd.keytab freeradius -X
works just fine. Sorry about the noise.
Regards,
Brian.
More information about the Freeradius-Users
mailing list