On Thu, Nov 25, 2010 at 11:55:16AM -0500, Sam Hartman wrote: > Is the default realm on your ssh server set to the realm in which it has > its host keys?
Yes. > Do things change if you add a domain_realm entry to your ssh server > mapping it into the realm where its key exists? Good catch! Yes. The error message changes slightly: It is now: Nov 25 18:18:48 someserver sshd[1960]: debug1: Unspecified GSS failure. Minor code may provide more information\nWrong principal in request\n Nov 25 18:18:48 someserver sshd[1960]: debug1: Got no client credentials One detail I probably forgot to add is that invoking kinit on the ssh server (after authenticating in a different manner) works fine. Helmut -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

