[OpenAFS] Re: [OpenAFS-devel] OpenAFS and OpenSSH, PAM, tokens

Robert Petkus rpetkus@bnl.gov
Tue, 31 Oct 2006 15:15:03 -0500

lamont@scriptkiddie.org wrote:
> The pam_krb5afs in RedHat (I think RHEL4 or later) works around this
> issue by introducing a use_shmem flag so that they can communicate
> between processes.
use_shmem=sshd never enabled me to obtain an AFS token during a GSSAPI
session.  Two methods I've verified to work are 1) compiling ssh with 
-DUNSUPPORTED_POSIX_THREADS_HACK -lpthread and 2) apply the pam setcred
patch to ssh.


Robert Petkus
Brookhaven National Laboratory
Physics Dept. - Bldg. 510A
Upton, New York 11973