[ GSSAPI ] Environment settings

Petr Ostadal postadal at suse.cz
Wed Sep 24 21:47:29 EST 2003


I think it solves my patch , which I added to openssh bugzilla some day
ago. See http://bugzilla.mindrot.org/show_bug.cgi?id=698

	Petr

On Wed, 24 Sep 2003, Sebastian Roth wrote:

> Hi there,
>
> well, I just upgraded to OpenSSH 3.7.1p2 and noticed the GSSAPI-Changes.
> Well it worked like a charm. No PAM, no problems while authenticating to
> Kerberos 5. But now there is a small problem. We need an pam module
> called pam_gssklog.so to authenticate. This modules obtains a token from
> the kerberos ticket.
>
> The single executable (which is execle'd out of the pam module) works if
> an environment variable called KRB5CCNAME is set.
>
> So I integrated the PAM into my ssh-config again, with the Kerberos and
> GSSAPI stuff in sshd enabled. Authentication works, my pam module gets
> called, but it doesn't find the environment var. After the
> authentication succeeds, an single "gssklog" works because the var is
> set.
>
> So my question is:
>
> Is there an good way to set the var KRB5CCNAME before the pam module(s)
> are called and access them out of the pam-stuff?
>
> Thank you in advance!
>
> 		<Seb />
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>




More information about the openssh-unix-dev mailing list