search for: krb5ccache

...main process is using at this stage seems to be the one created in sshpam_init_authctx (or mm_init_auth_ctx with privsep) and hasn't had pam_authenticate called on it, has it? I've checked FreeBSD's pam_krb5 source, for example, and I can see that it uses pam_set/get_data to stash the krb5ccache between calls to pam_authenticate and pam_setcred. I don't understand how OpenSSH carries that data over from the "thread" back to the main process; I can only see the environment list being copied across. I can also see that OpenSSH swallows all errors from pam_setcred if pam_authen...