From owner-freebsd-hackers@FreeBSD.ORG  Fri Oct 21 15:10:41 2005
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: hackers@freebsd.org
Delivered-To: freebsd-hackers@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CEF5116A41F
	for <hackers@freebsd.org>; Fri, 21 Oct 2005 15:10:41 +0000 (GMT)
	(envelope-from Hartmut.Brandt@dlr.de)
Received: from smtp-3.dlr.de (smtp-3.dlr.de [195.37.61.187])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3DBE843D45
	for <hackers@freebsd.org>; Fri, 21 Oct 2005 15:10:40 +0000 (GMT)
	(envelope-from Hartmut.Brandt@dlr.de)
Received: from beagle.kn.op.dlr.de ([129.247.173.6]) by smtp-3.dlr.de over TLS
	secured channel with Microsoft SMTPSVC(6.0.3790.211); 
	Fri, 21 Oct 2005 17:10:39 +0200
Date: Fri, 21 Oct 2005 17:10:39 +0200 (CEST)
From: Harti Brandt <hartmut.brandt@dlr.de>
X-X-Sender: brandt_h@beagle.kn.op.dlr.de
To: Stijn Hoop <stijn@win.tue.nl>
In-Reply-To: <20051021141752.GQ6916@pcwin002.win.tue.nl>
Message-ID: <20051021170843.A6955@beagle.kn.op.dlr.de>
References: <20051021160017.D4007@beagle.kn.op.dlr.de>
	<20051021141752.GQ6916@pcwin002.win.tue.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-OriginalArrivalTime: 21 Oct 2005 15:10:39.0862 (UTC)
	FILETIME=[99108960:01C5D651]
Cc: hackers@freebsd.org
Subject: Re: telnetd/sshd and Kerberos tickets (PAM)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Harti Brandt <harti@freebsd.org>
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2005 15:10:42 -0000

On Fri, 21 Oct 2005, Stijn Hoop wrote:

SH>On Fri, Oct 21, 2005 at 04:08:14PM +0200, Harti Brandt wrote:
SH>> I have enabled the pam_krb5 module in pam.d/{login,telnetd,sshd}. When 
SH>> login in locally I get a Kerberos ticket as I would expect. When logging 
SH>> in via ssh or telnet I don't get one. I have digged around in the sources 
SH>> and it locks like telnetd never calls pam_setcred() which would do this 
SH>> work. My PAM-foo is rather limited so my question is: shouldn't sshd and 
SH>> telnetd call pam_setcred() somewhere?
SH>
SH>WRT sshd I bugged des@ about this but did not receive an answer :( See
SH>the attached mail.

Hmm. I digged around a little bit and found something:

http://bugzilla.mindrot.org/show_bug.cgi?id=789

>From a first glance it seems that this bug was introduced by fixing 
another bug.

harti