Displaying 1 result from an estimated 1 matches for "krb5ccache".
Did you mean:
krb5_ccache
2013 Jan 19
1
PAM function ordering
...main process is using at this stage
seems to be the one created in sshpam_init_authctx (or mm_init_auth_ctx
with privsep) and hasn't had pam_authenticate called on it, has it?
I've checked FreeBSD's pam_krb5 source, for example, and I can see that it
uses pam_set/get_data to stash the krb5ccache between calls to
pam_authenticate and pam_setcred. I don't understand how OpenSSH carries
that data over from the "thread" back to the main process; I can only see
the environment list being copied across.
I can also see that OpenSSH swallows all errors from pam_setcred if
pam_authen...