Originally posted by: SystemAdmin

I have 2 servers (lft1 and lft3) running AIX 5.3 ML 5. Both are installed with krb5.client.rte 1.4.0.4 and openssh.base.server 4.3.0.5300.

I have configured some of the users on both servers to authenticate against our Windows 2003 Active Directory. From my PC, I can use telnet to login successfully to either server with these users. Also from my PC, I can ssh to the server lft3 using these users, but on lft1, I cannot. I get "access denied". To test that sshd is working correctly on lft1, I created a new user authenticated locally on lft1. I was able to login successfully with this new user on lft1 using ssh.

The files /etc/krb5/krb5.conf and /etc/ssh/sshd_config are the same on both servers.

Any advice on how to resolve this problem?
#AIX-Forum

Originally posted by: SystemAdmin

There are some files on lft3 (the server that I can ssh to) that do not exist on lft1.
/usr/lib/security/KRB5A.ibm
/usr/lib/security/KRB5A_64.ibm
/usr/lib/security/KRB5_64.ibm
/usr/lib/security/methods.cfg.ibm

I tried copying these files from lft3 to lft1, but I still can't ssh to lft1.

Anyone know what the *ibm files are used for?
#AIX-Forum

Originally posted by: SystemAdmin

These look like backup files that an IBM service technition may have created on the server while doing testing.
#AIX-Forum

Originally posted by: Robert_Willcox

yea I have those files w/o the ibm suffix:

1. pwd

/usr/lib/security

1. oslevel -s

5300-06-03-0732

1. file KRB*

KRB5: executable (RISC System/6000) or object module
KRB5A: executable (RISC System/6000) or object module
KRB5A_64: 64-bit XCOFF executable or object module
KRB5_64: 64-bit XCOFF executable or object module

1. file methods.cfg

methods.cfg: commands text

Don't know about kerberos, but thought I'd chime in the default, fwiw.
#AIX-Forum