[OpenAFS-devel] OpenAFS and OpenSSH, PAM, tokens
Robert Petkus
rpetkus@bnl.gov
Tue, 31 Oct 2006 15:15:03 -0500
lamont@scriptkiddie.org wrote:
>
> The pam_krb5afs in RedHat (I think RHEL4 or later) works around this
> issue by introducing a use_shmem flag so that they can communicate
> between processes.
use_shmem=sshd never enabled me to obtain an AFS token during a GSSAPI
session. Two methods I've verified to work are 1) compiling ssh with
-DUNSUPPORTED_POSIX_THREADS_HACK -lpthread and 2) apply the pam setcred
patch to ssh.
Robert
Robert Petkus
Brookhaven National Laboratory
Physics Dept. - Bldg. 510A
Upton, New York 11973
http://www.bnl.gov/RHIC
http://www.acf.bnl.gov