Displaying 4 results from an estimated 4 matches for "rocky9".
2024 Jun 11
1
kerberos default_ccache_name with sssd
Thank you both for the replies and explanation!
@douglas
Can I set KRB5CCNAME somewhere so that it uses /home? Where?
But even if I could set the env variable, I have this odd behavior:
I now have 4 VMs running.
2 are rocky8 and 2 are rocky9, with the same settings and versions I stated in my first post.
Of the 4 VMs, when I ssh into them, 2 of them set a cache file in the user's home and the other two save it in /tmp.
I can't seem to understand why my other two VMs do not want to set up the cache in /home.
The only difference i can t...
2024 Jun 12
1
kerberos default_ccache_name with sssd
Just to show what I mean: when I ssh into my VMs, 2 VMs save the cache in /tmp and the other 2 in /home. See what happens when I run the loop below:
> for i in rocky8client rocky9client rocky9server rocky8server; do /usr/bin/sshpass -p password /usr/bin/ssh -l jdoe $i "hostname; klist"; done
rocky8client.domain.net
Ticket cache: FILE:/tmp/krb5cc_2000_WP04h8h0sa
Default principal: jdoe at DOMAIN.NET
Valid starting Expires Service principal
06/11/2024 17:58:09 06/1...
2024 Jun 13
1
kerberos default_ccache_name with sssd
...SSSD Kerberos Cache Manager rather than storing in individual file.
On 6/11/2024 7:21 PM, Dave Macias wrote:
> Just to show what I mean: when I ssh into my VMs, 2 VMs save the cache in /tmp and the other 2 in /home. See what happens when I run the loop below:
>
> > for i in rocky8client rocky9client rocky9server rocky8server; do /usr/bin/sshpass -p password /usr/bin/ssh -l jdoe $i "hostname; klist"; done
>
> rocky8client.domain.net
> Ticket cache: FILE:/tmp/krb5cc_2000_WP04h8h0sa
> Default principal: jdoe at DOMAIN.NET <http...
2024 Jun 11
1
kerberos default_ccache_name with sssd
On 6/6/2024 8:26 AM, Dave Macias wrote:
> *I wanted to see if I could make the cache file user-specific, instead of
> the default location (/tmp/krb5cc-blabla).*
SSH is creating a separate ticket cache file for each login session and owned by the user.
This has been the preferred way to do this for decades.
https://kerberos.mit.narkive.com/YJB4Hshz/krb5ccname-and-sshd
Your: "Ticket