Tuesday, March 17, 2009

Speeding up SSH connections

If you make alot of connections to the same host, it's worth setting up connection sharing in OpenSSH. You can enable this by adding the following to you $HOME/.ssh/config file:


Host *
ControlMaster auto
ControlPath ~/.ssh/%r@%h:%p


Do keep in mind that the 'master' will linger on until all slave connections are gone.
Posted by at No comments:

Thursday, March 5, 2009

Boot failure

After the lastest kernel update on fedora, my box refused to boot since it was unable to mount the root filesystem. The old kernel still booted fine. My first thought was an issue with the initrd, so I first rebuild it to see if that resolved it. No change.
Therefor it was time to take a closer look.. after unpacking the initrd, I noticed the mkrootdev line was different.. and that's when I recalled that I had updated my /etc/fstab root entry and had added 'relatime' to the mount flags.
Apparently mkrootdev was failing on that flag. I'd figure it would be a simple thing to fix, so I checked out the repository and noticed it was fixed in version 6.0.76-1 (fedora 10 uses 6.0.71):



commit e993db4b1790d0328fcd76c0fd88ca2a82a931d5
Author: Jayson King
Date: Wed Feb 4 21:11:54 2009 +0100

Make nash mount support relatime (#296361)

Make nash mount support relatime (#296361).
Posted by at No comments:
Labels: , ,

Tuesday, March 3, 2009

Ubuntu: saslauthd internal error in k5support_verify_tgt

When trying to get LDAP simple bind to work against Kerberos5 with saslauthd, I kept running into the following error:


saslauthd[29808]: auth_krb5: k5support_verify_tgt
saslauthd[29808]: do_auth : auth failure: [user=kvo] [service=ldap] [realm=LOCALREALM] [mech=kerberos5] [reason=saslauthd internal error]


a search for the error only mentioned adding the host principle to the keytab file, which I had done, but I was still getting the error.

It seems saslauthd on ubuntu requires that KRB5_KTNAME is set... even though /etc/krb5.keytab is the default, it still needs the environment variable to be present. (explicitly setting the default keytab in /etc/krb5.conf didnt help either).

So the solution to the problem is to add:


export KRB5_KTNAME=/etc/krb5.conf


to the /etc/default/saslauthd file.
Posted by at 2 comments:
Labels: , ,
Subscribe to: Posts (Atom)