Displaying 20 results from an estimated 50000 matches similar to: "[Bug 372] [RFE] [authkrb5] : KRB5CCNAME set to pointer"
2002 Jul 30
0
[Bug 372] [RFE] [authkrb5] : KRB5CCNAME set to pointer
http://bugzilla.mindrot.org/show_bug.cgi?id=372
basalt at easynet.fr changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
Summary|[authkrb5] : KRB5CCNAME set |[RFE] [authkrb5] :
|to pointer |KRB5CCNAME
2004 Jan 23
0
[Bug 372] [RFE] [authkrb5] : KRB5CCNAME set to pointer
http://bugzilla.mindrot.org/show_bug.cgi?id=372
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From dtucker at zip.com.au 2004-01-22
2003 May 16
0
[Bug 372] [RFE] [authkrb5] : KRB5CCNAME set to pointer
http://bugzilla.mindrot.org/show_bug.cgi?id=372
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|sshd |Kerberos support
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jul 28
0
[Bug 372] New: [authkrb5] : KRB5CCNAME set to pointer
http://bugzilla.mindrot.org/show_bug.cgi?id=372
Summary: [authkrb5] : KRB5CCNAME set to pointer
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: basalt
2003 Oct 30
3
[Bug 751] KRB5CCNAME set incorrectly in GSSAPI code
http://bugzilla.mindrot.org/show_bug.cgi?id=751
Summary: KRB5CCNAME set incorrectly in GSSAPI code
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: openssh-bugs at mindrot.org
2017 Dec 23
5
[Bug 2815] New: please set KRB5CCNAME to collection
https://bugzilla.mindrot.org/show_bug.cgi?id=2815
Bug ID: 2815
Summary: please set KRB5CCNAME to collection
Product: Portable OpenSSH
Version: 7.4p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Kerberos support
Assignee: unassigned-bugs
2002 Mar 09
0
krb5 problem: KRB5CCNAME is ""; possible fix for OpenSSH 3.0.2p1
I'm using a OpenSSH 3.0.2p1 with the krb5 patch from
<http://www.sxw.org.uk/computing/patches/openssh.html>.
I'm getting KRB5CCNAME set to "" even though
<http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98269278629018&w=2>
mentions fixing it. This causes things like kinit to
fail with a somewhat uninformative error message.
The relevant sshd_config lines
2004 Jan 25
2
[Bug 698] Specify FILE: for KRB5CCNAME
http://bugzilla.mindrot.org/show_bug.cgi?id=698
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |793
nThis| |
Summary|Specify FILE: for credential|Specify FILE: for KRB5CCNAME
2009 Sep 19
1
cifs.upcall not respecting krb5ccname env var?
Hello,
I've been doing some extensive troubleshooting with respect to some issues
mounting CIFS shares on a Windows box via Kerberos. We're using the command:
/sbin/mount.cifs //whatever/whatever /whatever -o sec=krb5i
This should mount the share using Kerberos & Packet-signing by using the
cached credentials of the user executing the command. With judicious use of
strace, it
2003 Nov 12
2
[Bug 757] KRB5CCNAME inherited from root's environment under AIX
http://bugzilla.mindrot.org/show_bug.cgi?id=757
Summary: KRB5CCNAME inherited from root's environment under AIX
Product: Portable OpenSSH
Version: -current
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: minor
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2009 May 23
7
[Bug 1601] New: Memory leak caused by forwarded GSSAPI credential store
https://bugzilla.mindrot.org/show_bug.cgi?id=1601
Summary: Memory leak caused by forwarded GSSAPI credential
store
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at
2006 Aug 18
1
[Bug 928] Kerberos/GSSAPI authentication does not work with multihomed hosts
http://bugzilla.mindrot.org/show_bug.cgi?id=928
simon at sxw.org.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon at sxw.org.uk
------- Comment #2 from simon at sxw.org.uk 2006-08-19 08:31 -------
I'd rather see us move towards just using
2003 Nov 11
1
AIX KRB5CCNAME problem
I believe there is a bug in how AIX handles the KRB5CCNAME environment
variable. The symptom occurs when a root user restarts sshd while they
have KRB5CCNAME set; all of the resulting client connections will inherit
the same KRB5CCNAME variable. This can occur if the admin uses 'ksu' or
some other kerberized method of obtaining root privileges.
Investigating this problem, I stumbled
2003 May 20
2
[Bug 445] User DCE Credentials do not get forwarded to child session
http://bugzilla.mindrot.org/show_bug.cgi?id=445
------- Additional Comments From simon at sxw.org.uk 2003-05-21 00:49 -------
The existing code only handles the situation where Kerberos
credentials are created by the OpenSSH's krb5 code. What would appear
to be happening under OSF/1 is that one of the calls used to verify
the users login is, as a by-product, creating the credentials
2017 Feb 11
2
[RFC][cifs-utils PATCH] cifs.upcall: allow scraping of KRB5CCNAME out of initiating task's /proc/<pid>/environ file
Chad reported that he was seeing a regression in cifs-utils-6.6. Prior
to that, cifs.upcall was able to find credcaches in non-default FILE:
locations, but with the rework of that code, that ability was lost.
Unfortunately, the krb5 library design doesn't really take into account
the fact that we might need to find a credcache in a process that isn't
descended from the session.
When the
2001 May 08
1
New kex organisation and user options.
I'm in the process of updating my GSSAPI patches to the 2.9 release. However,
I've run into a slight problem with managing to get user options to play
nicely with the way that the kex code is now organised.
With the GSS kex its possible for the user to specify whether they want to
delegate their credentials to the server or not. This option is used only on
the client side (and so is
2005 Jun 29
3
sshd deletes the GSSAPI ticket on exit
Hello All,
I have run into a situation where a user exiting from a
PAM_KERBEROS-authenticated session runs the risk of deleting a
kinit-generated credentials file that was already sitting on the server. I
will explain the problem in detail, but let me begin with my question. It
has a specific reference to PAM_KERBEROS, but it can also be a general
question.
If a user (ssh) session was
2006 Oct 02
1
[Bug 1245] Add support for Darwin CCAPI
http://bugzilla.mindrot.org/show_bug.cgi?id=1245
Summary: Add support for Darwin CCAPI
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at
2017 Feb 14
3
[PATCH v2 0/2] cifs.upcall: allow cifs.upcall to grab $KRB5CCNAME from initiating process
Small respin of the patches that I posted a few days ago. The main
difference is the reordering of the series to make it do the group
and grouplist manipulation first, and then the patch that makes
it grab the KRB5CCNAME from the initiating process.
I think the code is sound, my main question is whether we really
need the command-line switch for this. Should this just be the
default mode of
2017 Apr 11
0
Good practices to make a Kerberos "mount.cifs" launched by root but with the credentials of another user
Hi,
I have a Debian Stretch computer which is a "samba4 member
server" of an Samba4 AD domain (versions etc. are mentioned
at the end of the message). I think my config is OK and I
can open a _graphical_ session with an AD account user. The
display manager of the computer is Lightdm. For for instance,
I can open a graphical session with the AD account bob (uid
== 14001). In this case, I