Red Hat Bugzilla – Bug 246619
sshd needs to store forwarded gssapi creds before opening the pam session
Last modified: 2007-11-16 20:14:56 EST
This is more or less the same as bug #201341, and was originally upstream #918
(https://bugzilla.mindrot.org/show_bug.cgi?id=918). Basically sshd doesn't
store forwarded GSSAPI credentials to disk before opening the PAM session for
the user, so modules don't have access to the credentials even when they may
have use for them.
Actually the patch I have to fix bug 216689 will solve this one as well.
*** This bug has been marked as a duplicate of 216689 ***
You're right, it looks like it will. Thanks!
Nalin, could you please test the latest openssh in dist-4E-qu-candidate whether
it fixes the problem?
Seems to work properly in combination with the corresponding
dist-4E-qu-candidate pam_krb5 2.1.15-1 and later. Thanks!
Hi. What's the status and expected release of a fix for RHEL4 on this? The bug
this is marked as a duplicate of (bug 216689) is restricted, so the rest of the
community has no idea what's going on.
This should be fixed (well, #216689 is called out as fixed in the changelog) in
the openssh packages in the beta channel.