On 6/6/2024 8:26 AM, Dave Macias wrote:
*I wanted to see if I could make the cache file user-specific, instead of
the default location (/tmp/krb5cc-blabla).*
SSH is creating a separate ticket cache file for each login session and owned by the user.
This has been the preferred way to do this for decades.
https://kerberos.mit.narkive.com/YJB4Hshz/krb5ccname-and-sshd
Your: "Ticket cache: FILE:/tmp/krb5cc_2000_tgiettMBSK" looks like it is set by sshd and your environment should have a KRB5CCNAME with that name.
If you share the ticket cache between multiple login sessions, when the first session ends,
the "GSSAPICleanupCredentials yes" will cause the shared ticket cache to be deleted. Using /tmp means the cache is destroyed upon a shutdown/restart. /tmp is also a local file system. /home may be on
a network disk which has other issues.
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Douglas E. Engert <DEEngert@xxxxxxxxx>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
