Bug 1749862
| Summary: | GSSAPITrustDNS fails on proxy hosts causing gssapi authentication failures | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Oliver Ilian <oliver> |
| Component: | openssh | Assignee: | Jakub Jelen <jjelen> |
| Status: | CLOSED ERRATA | QA Contact: | Ondrej Moriš <omoris> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.1 | CC: | cheimes, omoris, ssorce, szidek, tmraz |
| Target Milestone: | rc | Keywords: | Regression, Triaged |
| Target Release: | 8.0 | Flags: | pm-rhel:
mirror+
|
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openssh-8.0p1-5.el8 | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-11-04 01:31:59 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Oliver Ilian
2019-09-06 15:24:25 UTC
The option `GSSAPIDelegateCredentials` does not do anything with authentication. It would just forward your kerberos credentials to the server after you would get authenticated using GSSAPIAuthentication or GSSAPIKeyExchange. Can you share debug logs from the old working and new non-working setups? And optionally also your client and configurations? Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (openssh bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4439 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |