We use heimdal's kinit etc. So they may work different. We also noticed that behaviour of randomized ticket caches on Ubuntu machines. So this may be special to them to "improve security".
In addition, we needed to patch openssh, as it has its own way of determining the cache file location. In general, it is not safe to have ticket caches in a world-writable location, but KEYRING also had security troubles in the past. This is why we chose to use sssd to create the ticket caches for the users under /run. –Michael _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
