|
We have Windows 2000 Servers acting as Kerberos
KDCs
and Red Hat Linux 7.2 & Solaris 8 Servers
as Kerberos Clients.
Our people can ssh to linux servers and get
authenticated
against Win2k Kerberos KDC. There is no problem
here.
However, when people ssh to solaris 8 servers -
following
symptoms are observed -
1. People can ssh once and login. But another ssh
session is
denied.
2. Running the "klist" command in the logged
in session
of ssh gives the following error
-
klist: Credentials cache file
permissions incorrect
while
setting cache flags (ticket cache /tmp/krb5cc_1003)
I checked the permissions in
/tmp and observed that the
cache is owned by "root" instead of the logged in person.
3. After the person logs out, he is denied login
access unless
I manually delete his cached
credentials from /tmp.
What is notable is that "telnet" to solaris 8
servers works
just fine and has no such
problems.
I saw that there was some discussion on this topic
in the
mailing list archives but no definite
solution.
Is this a problem with ssh server on Solaris 8 or a
problem
with kerberos on Solaris 8 or what is it
?
Can someone guide me please ?
Regards,
Parag Godkar.
|
