Hi,
after I upgraded from libvirt-0.9.0 I noticed that GSSAPIAuthentication for
openssh was no longer working, I always ended up with the password prompt.
stracing and debug logging on the server revealed that gssapi was never
tried.
Adding KRB5CCNAME to the ssh command's environment solved the problem.
https://bugzilla.redhat.com/show_bug.cgi?id=736983
I would like to propose the following patch:
Index: libvirt-0.9.5-rc1/src/rpc/virnetsocket.c
===================================================================
--- libvirt-0.9.5-rc1.orig/src/rpc/virnetsocket.c 2011-09-08 19:37:31.000000000
+0200
+++ libvirt-0.9.5-rc1/src/rpc/virnetsocket.c 2011-09-08 19:37:54.000000000 +0200
@@ -615,6 +615,7 @@
cmd = virCommandNew(binary ? binary : "ssh");
virCommandAddEnvPassCommon(cmd);
+ virCommandAddEnvPass(cmd, "KRB5CCNAME");
virCommandAddEnvPass(cmd, "SSH_AUTH_SOCK");
virCommandAddEnvPass(cmd, "SSH_ASKPASS");
virCommandAddEnvPass(cmd, "DISPLAY");
--
Matthias Witte - witte(a)netzquadrat.de
Telefon: +49 (0)211-30 20 33-18
Telefax: +49 (0)211-30 20 33-22
[netzquadrat] GmbH - Gladbacher Str. 74 - 40219 Düsseldorf
HRB Düsseldorf 36121 - Geschäftsführer: Thilo Salmon, Tim Mois
Steuernummer: 106/5719/1836, Umsatzsteuer-ID: DE246863050