On 7/10/07, Rogier Krieger <[EMAIL PROTECTED]> wrote:
If my clients (MIT KfW, SecureCRT) attempt GSSAPI authentication, [...] OpenSSH does not obtain any AFS token, forcing me to run afslog manually.
Or put such a command in /etc/ssh/sshrc, as hinted at in sshd(8). This seems to work in that it provides me with tickets/tokens for both the Kerberos and GSSAPI cases. The above seems a bit of a workaround, but I can live with that. I'll see if I can reproduce this on my 4.1 boxes. If so, I'll report back to the OpenSSH list, since it strikes me as odd that a session would do different things (whether or not to obtain an AFS token) based on how the Krb5 TGT was obtained (password verification or transferred by GSSAPI). Cheers, Rogier -- If you don't know where you're going, any road will get you there.
