* Douglas E. Engert ([EMAIL PROTECTED]) wrote: > This would be a "session" cache, and would be created by sshd for example. > the xxxxx is mean to make the name unique. You would want a different > cache for each session, so the sessions would not interfer with each other. > The sshd would also set the KRB5CCNAME env to point to the cache. [...] > Its a feature not a problem.
Actually, it's a rather annoying problem, but not an insurmountable one.
I've set up my shell scripts to do what I consider the 'right' thing.
Basically they move the forwarded tickets provided by sshd into place,
overwritting anything there and then keep a session counter and kdestroy
when the last session has exited. This means I can use forwarded
tickets with screen and things actually work even when I detach, logoff,
logon and reattach to screen.
If anyone's curious in the shell script bits (they're not complex) I'd
be happy to make them available.
Stephen
pgp00000.pgp
Description: PGP signature
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
