"Negative cache rejected lookup for" host/princ when using GSSAPI + ssh on Mac OS X 10.6
Jean-Yves Avenard
jyavenard at gmail.com
Thu Sep 23 02:26:53 EDT 2010
Hi
kerberised ssh is disabled by default with ssh on MacOS >= 10.4.9
If you install the Mac OS Kerberos Extra, from MIT
http://web.mit.edu/macdev/KfM/Common/Documentation/osx-kerberos-extras.html
it will re-enable kerberised ssh.
In my experience on mac, I found that none of the kerberised
application found natively on the mac will make the ticket viewer pop
up and ask to get a ticket.
You have to start the Ticket Viewer, explicitely ask for a ticket,
then run the application. Watch out when the ticket expires too,
because you won't be asked to renew it automatically either.
3rd party application like Firefox or Thunderbird will make Ticket
Viewer pop up though.
Jean-Yves
More information about the Kerberos
mailing list