HP-UX Secure Shell A.05.00.012, A.05.00.013, and A.05.00.014 Release Notes
pam_setcred: error Authentication failed
pam_setcred: error Permission denied
These messages appears only when the daemon is running in debug mode. These
messages are not relevant to (and does not affect) HP-UX Secure Shell operations.
The PAM function pam_setcred generates this message. These error messages
appear during the scenarios listed in Table 1-3.
Table 1-3 Scenarios where pam_setcred Generates Error Messages
Error MessagesKeyServ RunningUsePrivUser
Permission deniednoyesroot
Authentication failednoyesnon-root
Permission deniednonoroot
Permission deniednononon-root
Permission deniedyesyesroot
No messageyesyesnon-root
Permission deniedyesnoroot
Permission deniedyesnonon-root
• A Kerberos ticket on a Secure Shell server system gets inadvertently deleted in the
following scenario:
1. User U1 creates a Kerberos ticket file on a Secure Shell server system, S1.
2. The SSH server on S1 is set up for PAM_KERBEROS authentication.
3. User U1 now remotely connects to the SSH instance on S1 using public-key
authentication.
4. User U1 exits.
The kinit-generated ticket file created in Step 1 gets deleted when the user exits
the Secure Shell session.
Workaround: Create the Kerberos ticket file (Step 1) in a non-default location and
selectively communicate this file name to Secure Shell processes using the
KRB5CCNAME environment variable.
• The chroot functionality does not work if the UseLogin configuration directive
in sshd_config is set to YES.
• In a chroot-ed environment, users do not see a subset of syslog messages. HP-UX
Secure Shell writes syslog messages at the time of authentication and when the
session is terminated. The syslogd daemon reads the syslog messages written
by all subsystems and reports it to the /dev/log file. In a chroot-ed environment,
the sshd daemon writes its syslog messages to <newroot>/dev/log. It is not
10 HP-UX Secure Shell A.05.00.012, A.05.00.013, and A.05.00.014