Package: openssh-client Version: 1:5.3p1-3 Severity: normal GSSAPIDelegateCredentials no longer works for me. Example:
the...@socrates:~$ kinit -f5 Password for the...@cern.ch: the...@socrates:~$ grep -A4 lxplus .ssh/config Host lxplus ForwardX11 yes HostName lxplus.cern.ch GSSAPITrustDns yes GSSAPIAuthentication yes GSSAPIDelegateCredentials yes Host lxplus* ForwardX11 yes GSSAPITrustDns yes GSSAPIAuthentication yes GSSAPIDelegateCredentials yes the...@socrates:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: the...@cern.ch Valid starting Expires Service principal 03/13/10 14:42:39 03/14/10 15:42:38 krbtgt/cern...@cern.ch renew until 03/18/10 14:42:38 the...@socrates:~$ ssh lxplus249.cern.ch [.. banner ..] /usr/X11R6/bin/xauth: timeout in locking authority file /afs/cern.ch/user/t/themel/.Xauthority hepix: E: /usr/bin/fs returned error, no tokens? -bash: /afs/cern.ch/user/t/themel/.bash_profile: Permission denied [lxplus249] /afs/cern.ch/user/t/themel > klist klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_32651) Kerberos 4 ticket cache: /tmp/tkt32651 klist: You have no tickets cached [lxplus249] /afs/cern.ch/user/t/themel > On an ancient etch machine (OpenSSH 4.3p2): the...@eristoteles:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: the...@cern.ch Valid starting Expires Service principal 03/13/10 14:49:31 03/14/10 14:49:31 krbtgt/cern...@cern.ch Kerberos 4 ticket cache: /tmp/tkt1000 klist: You have no tickets cached the...@eristoteles:~$ ssh lxplus249.cern.ch [.. banner ..] [lxplus249] /afs/cern.ch/user/t/themel > klist Ticket cache: FILE:/tmp/krb5cc_32651_WIyiRn3073 Default principal: the...@cern.ch Valid starting Expires Service principal 03/13/10 14:49:38 03/14/10 14:49:31 krbtgt/cern...@cern.ch Kerberos 4 ticket cache: /tmp/tkt32651 klist: You have no tickets cached [lxplus249] /afs/cern.ch/user/t/themel > My somewhat unreliable memory is that this broke with the 5.3 upgrade, but I'm not a 100% sure about it. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.33-rc5 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssh-client depends on: ii adduser 3.112 add and remove users and groups ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii dpkg 1.15.5.6 Debian package management system ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib ii libedit2 2.11-20080614-1 BSD editline and history libraries ii libgssapi-krb5-2 1.8+dfsg~alpha1-7 MIT Kerberos runtime libraries - k ii libssl0.9.8 0.9.8m-2 SSL shared libraries ii passwd 1:4.1.4.2-1 change and administer password and ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime Versions of packages openssh-client recommends: ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op ii xauth 1:1.0.4-1 X authentication utility Versions of packages openssh-client suggests: ii keychain 2.6.8-2 key manager for OpenSSH pn libpam-ssh <none> (no description available) ii ssh-askpass 1:1.2.4.1-9 under X, asks user for a passphras ii ssh-askpass-gnome [ssh-askpa 1:5.3p1-3 interactive X program to prompt us -- no debconf information -- [*Thomas Themel*] Unskilled and Unaware of It: How Difficulties [extended contact] in Recognizing One's Own Incompetence Lead to [info provided in] Inflated Self-Assessments [*message header*] <http://www.apa.org/journals/psp/psp7761121.html> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org