"Negative cache rejected lookup for" host/princ when using GSSAPI + ssh on Mac OS X 10.6
Jonathan Simms
slyphon at gmail.com
Wed Sep 22 21:43:28 EDT 2010
I found only one reference to the string "Negative cache rejected
lookup for" searching google for information, so I figured I'd ask
here. I'm connecting from a Mac OS X 10.6 box to a Debian 5 install. I
am kinited on osx, and try to ssh to to the debian box, i get the
following error message in the debug output:
debug1: Unspecified GSS failure. Minor code may provide more information
Negative cache rejected lookup for 'host/$FQDN@$REALM'
debug1: Unspecified GSS failure. Minor code may provide more information
Server not found in Kerberos database
debug1: Unspecified GSS failure. Minor code may provide more information
When I ssh to another box and kinit there, then ssh over to the same
host, it does the GSS exchange fine, forwards my credentials, and i
see the host's ticket when i do klist.
Any clue what this negative cache is on OS-X and how to clear it? The
only reference I found was
http://eyck.forumakad.pl/~eyck/log/Tips/Kerberos.Negative.Cache.Rejected.Lookup.html
and I'd rather not reboot my box if i can help it :)
-- Jonathan
More information about the Kerberos
mailing list