Is the CCAPI patch even in what went out in the Tiger security update? AFAICT, it's not, so perhaps the machines where it isn't working have taken the update and the others have not.
On Aug 25, 2006, at 2:00 PM, <[EMAIL PROTECTED]> wrote: > > I think that this behaviour appeared with the last Tiger update. > Someone here spotted it today - it seems to be a bug in Apple's > OpenSSH package (I haven't yet checked if the bug is also in the > CCAPI portion of my patch) > > Simon. > -----Original Message----- > > From: "Booker C. Bense" <[EMAIL PROTECTED]> > Subj: sshd, Tiger and KRB5CCNAME > Date: Fri 25 Aug 2006 18:23 > Size: 1K > To: [email protected] > > > I'm running into a very odd bug with the default sshd on Tiger and > using gssapi w/ credential forwarding. Basically, the credentials > forward just fine but at some point the session gets > > KRB5CCNAME=FILE:krb5cc_[uid] > > rather than the proper > > KRB5CCNAME=API:krb5cc_[uid] > > As far as I can tell there is nothing in the configuration > that is setting this variable, and if you reset it in the ssh > session to it's proper value everything works. On what "should" > be identically configured machines, or I can't find any difference > between them, the less used machine will do the correct thing, > but the one that's had more logins does the wrong thing. Or at > least that's the only difference I can find between machines that > have the problem and ones that don't. > > Is anyone aware of any condition in the OS X kerberos code where it > will somehow set KRB5CCNAME to the FILE value? I realize I'm grasping > at straws here, but I'm really puzzled by this. > > _ Booker C. Bense > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos > > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos --lxs Alexandra Ellwood <[EMAIL PROTECTED]> MIT Kerberos Development Team <http://mit.edu/lxs/www> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
