On Fri, 2006-12-15 at 08:53 -0800, Russ Allbery wrote: > With gssapi-with-mic, PAM doesn't obtain the tickets and therefore also > doesn't attempt to destroy them. sshd itself is responsible for both. My > guess is that you're looking for the sshd_config option: > > GSSAPICleanupCredentials no > > The default is yes. Could you try setting this in your sshd_config and > see if it resolves your issue?
I have performed the recommended change and confirmed that the GSSAPI obtained credentials are now correctly retained. Russ, thanks for the hint. (FWIW: your pam-afs-session module works correctly in this configuration and now both krb5 and afs credentials are retained). Regards, -- Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
