Felix Engel wrote:
Hello,
we are using ssh and pam_krb5 to login to kerberized machines. Login is
successful and the client obtains a ticket for the user logging in.
However the credentials cache is not initialized. I think that might be
related to the following bug:
https://bugzilla.mindrot.org/show_bug.cgi?id=688
Has anybody seen this behaviour or can give any advice on how to fix
that? The above case recommends using SSH's threaded mode, however I
think that would require recompilation and the remainder of the
configuration is identical to the one that works on Debian/Etch and
FedoraCore4 installations.
Regards,
Felix
Hi,
You never said which version of SL, openssh, or pam_krb5.
For us, the problem is usually on the client, because by default, it does not
delegate credentials. So in /etc/ssh/ssh_config you have to set
GSSAPIDelegateCredentials yes
Troy
--
__________________________________________________
Troy Dawson [EMAIL PROTECTED] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
