sshd, Tiger and KRB5CCNAME
simon@sxw.org.uk
simon at sxw.org.uk
Fri Aug 25 14:00:00 EDT 2006
I think that this behaviour appeared with the last Tiger update. Someone here spotted it today - it seems to be a bug in Apple's OpenSSH package (I haven't yet checked if the bug is also in the CCAPI portion of my patch)
Simon.
-----Original Message-----
From: "Booker C. Bense" <bbense at stanford.edu>
Subj: sshd, Tiger and KRB5CCNAME
Date: Fri 25 Aug 2006 18:23
Size: 1K
To: kerberos at mit.edu
I'm running into a very odd bug with the default sshd on Tiger and
using gssapi w/ credential forwarding. Basically, the credentials
forward just fine but at some point the session gets
KRB5CCNAME=FILE:krb5cc_[uid]
rather than the proper
KRB5CCNAME=API:krb5cc_[uid]
As far as I can tell there is nothing in the configuration
that is setting this variable, and if you reset it in the ssh
session to it's proper value everything works. On what "should"
be identically configured machines, or I can't find any difference
between them, the less used machine will do the correct thing,
but the one that's had more logins does the wrong thing. Or at
least that's the only difference I can find between machines that
have the problem and ones that don't.
Is anyone aware of any condition in the OS X kerberos code where it
will somehow set KRB5CCNAME to the FILE value? I realize I'm grasping
at straws here, but I'm really puzzled by this.
_ Booker C. Bense
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list