Kerberos FTP ticket filename

Russ Allbery rra at
Mon May 20 12:21:48 EDT 2013

Tiago Elvas <tiagoelvas at> writes:

> I am having a problem here with the FTP authentication using Kerberos.
> What is happening is that when I connect from host_A to host_B using
> ftp, the acquired ticket (in host_B) is being stored as
> "/tmp/krb5cc_503_z2fgka".

That seems like a fine name for a Kerberos ticket cache.  What problem is
that causing?

> I also had this problem in SSH logins, and it seems to be related to a
> bug/feature of the PAM. To fix it, I appended a piece of code in
> "/etc/profile" to rename the ticket file and set the "$KRB5CCNAME"
> accordingly.

What are you trying to accomplish by doing that?  There is probably a PAM
option that will achieve your goal more directly, which would also help
with the FTP connection, but I don't understand what that goal is.

Russ Allbery (rra at             <>

More information about the Kerberos mailing list