[mosh-users] mosh with GSSAPIDelegateCredentials
yrobot@amazon.com
yrobot at amazon.com
Fri Jun 3 18:28:58 EDT 2016
Does mosh support the GSSAPIDelegateCredentials ssh option?
I'm connecting to a server using kerberos,
(ssh options GSSAPIAuthentication and GSSAPIDelegateCredentials are both
set to yes)
e.g.
cat .ssh/config
...
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
...
mosh successfully connects to the server, and sets KRB5CCNAME
$ echo $KRB5CCNAME
FILE:/tmp/krb5cc_1805007_IzhzWvVWtA
However the ticket is invalid (maybe already deleted?):
$ klist -f
klist: No credentials cache found (ticket cache
FILE:/tmp/krb5cc_1805007_IzhzWvVWtA)
This works fine with ssh:
$ echo $KRB5CCNAME
FILE:/tmp/krb5cc_1805007_d4UdEyH6HK
$ klist -f
Ticket cache: FILE:/tmp/krb5cc_1805007_d4UdEyH6HK
...
--
I think what's going on, is mosh using ssh for
GSSAPIDelegateCredentials, but the ssh connection is immediately
closed.. so that the ticket is invalidated/deleted by the time I get a
prompt on the remote host
Is there any workaround to get this working, or am I doing something wrong?
Thanks,
-Yoni
More information about the mosh-users
mailing list