Description of problem: The patches to sshd which allow it to recognize "user/role" as a user name cause gssapi authentication to fail when the user's name is specified in this way. Version-Release number of selected component (if applicable): openssh-4.7p1-5.fc9 How reproducible: Always Steps to Reproduce: 1. Set up gssapi authentication. 2. Attempt to log in while specifying a role, even your default one (by specifying "user/role", for example "root/unconfined_t" as a user). Actual results: Client fails to authenticate, falls back to pubkey or password-based auth. The server logs this error: Jan 2 20:34:24 blade sshd[22659]: GSSAPI MIC check failed Expected results: No error. Additional info: This is documented in section 4 of RFC4462 if a reference is needed.
Created attachment 290679 [details] patch which seems to work for me