Dear Colleauges,

I have a perfectly valid TGT and some expired service tickets (see the
klist output below). When I ssh to techno2 or fs01, the ssh client
asks me for the password. Why does it happen? 

I expect that the ssh client should request a new service ticket for
the relevant host, and not just give up?


Credentials cache: FILE:/tmp/krb5cc_3001
        Principal: sudakov@REALM.HIDDEN

  Issued                Expires               Principal
Aug  7 08:27:14 2017  Aug 14 08:27:14 2017  krbtgt/REALM.HIDDEN@REALM.HIDDEN
Aug  7 08:27:16 2017  >>>Expired<<<         
host/pager11.REALM.HIDDEN@REALM.HIDDEN
[...]
Aug  7 11:01:56 2017  >>>Expired<<<         
host/techno2.REALM.HIDDEN@REALM.HIDDEN
Aug  7 11:01:56 2017  >>>Expired<<<         
host/techno2.REALM.HIDDEN@REALM.HIDDEN
Aug  7 12:58:54 2017  >>>Expired<<<         
host/fs01-sibptus.REALM.HIDDEN@REALM.HIDDEN
Aug  7 12:58:54 2017  >>>Expired<<<         
host/fs01-sibptus.REALM.HIDDEN@REALM.HIDDEN


-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
AS43859

Reply via email to