HP-UX Secure Shell A.04.40.006 and A.04.40.007 Release Notes
HP-UX Secure Shell A04.40.006 and A.04.40.007
Known Problems and Workarounds
Chapter20
These error message appear only when the daemon is running in
debug mode. These error message are not relevant to (and does not
affect) HP-UX Secure Shell operations. The PAM function
pam_setcred() generates this message. These error messages
appear during the scenarios listed in Table 3.
• A Kerberos ticket on a Secure Shell server system gets inadvertently
deleted in the following scenarios:
1. User U1 creates a Kerberos ticket file on a Secure Shell server
system, S1.
2. The SSH server on S1 is set up for PAM_KERBEROS authentication.
3. User U1 now remotely connects to the SSH instance on S1 using
public-key authentication.
4. User U1 exits.
The kinit-generated ticket file created in Step 1 gets deleted when
the user exits the Secure Shell session.
Workaround: Create the Kerberos ticket file (Step 1) in a non-default
location and selectively communicate this file name to Secure Shell
processes using the KRB5CCNAME environment variable.
Table 3 Scenarios where pam_setcred() Generates Error Messages
User UsePriv
Keyserv
Running
Error Messages
root yes no Permission denied
non-root yes no Authentication failed
root no no Permission denied
non-root no no Permission denied
root yes yes Permission denied
non-root yes yes No message
root no yes Permission denied
non-root no yes Permission denied