Subject: bin/22114: kerberos-2@ssh.com problems
To: None <gnats-bugs@gnats.netbsd.org>
From: Klaus Klein <kleink@reziprozitaet.de>
List: netbsd-bugs
Date: 07/10/2003 14:18:17
>Number: 22114
>Category: bin
>Synopsis: kerberos-2@ssh.com problems
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jul 10 12:20:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator: Klaus Klein
>Release: NetBSD 1.6U
>Organization:
Frobozz Magic Standards Company
>Environment:
n/a
>Description:
In my environment I have a Kerberos 5 KDC, and I'm using
SSH publickey authentication as well.
When the TGT has expired, ssh is (obviously) unable to perform
kerberos-2@ssh.com authentication. However, sshd does not support
falling back to publickey authentication and logs
fatal: monitor_read: unpermitted request 39,
although it does offer an "authentications that can continue"
packet after the failure.
With a destroyed credential cache file, this is not a problem.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: