Displaying 1 result from an estimated 1 matches for "minimal_uid".
2008 Dec 02
0
SSHD does not cleanup kerberos ticket while root logins
...function do_setusercontext calls
ssh_gssapi_storecreds where structure client->store.filename is filled
with the filename of kerberos ticket. So then if
ssh_gssapi_cleanup_creds is called it does nothing because
gssapi_client.store.filename is empty.
We are using also pam_krb5, but with option minimal_uid=200, so the root
login is not affected.
My sshd_config:
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin yes
Stric...