You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I received the following error when using Paramiko to upload files via cron, connecting to a server via GSSAPI Key Exchange:
gssapi.error.GSSException: (851968) Unspecified GSS failure. Minor code may provide more information. Minor code: (2529639107) Credentials cache file '/cache/location/krb5cc_562' not found. Target: target.server.com
I looked in /cache/location/ and found a file ./krb5cc_562_qUEKm10168
After trying to troubleshoot for a bit, I simply created a softlink from /cache/location/krb5cc_562 to /cache/location/krb5cc_562_qUEKm10168 and it worked.
Oddly, this problem only cropped up when running the script via cron. Running it from the command line directly yielded success.
It looks to me like the filename is controlled by the environment variable: KRB5CCNAME
I don't have a solution at this point, but I suspect that the proper process would be to create a credentials cache and set the KRB5CCNAME variable. I will test further and post my results.
If this is an end user responsibility, it would be nice to have it documented in a tutorial.
It would be nice to have this issue resolved by passing a parameter to SSH.. i.e. credentials_cache="/your/file" to make things a bit easier on those using kerberos/GSSAPI.
The text was updated successfully, but these errors were encountered:
Thanks for the report, I suspect this is purely a quirk/responsibility of/bug in the gssapi lib, though I'm still amenable to adding an FAQ entry in our docs if you can confirm exactly what's going on.
Not surprised this hasn't come up before, GSSAPI support is newish & also not widely used, so that intersected with running in a non-login environment is probably a miniscule target :D
I received the following error when using Paramiko to upload files via cron, connecting to a server via GSSAPI Key Exchange:
I looked in
/cache/location/
and found a file./krb5cc_562_qUEKm10168
After trying to troubleshoot for a bit, I simply created a softlink from
/cache/location/krb5cc_562
to/cache/location/krb5cc_562_qUEKm10168
and it worked.Oddly, this problem only cropped up when running the script via cron. Running it from the command line directly yielded success.
It looks to me like the filename is controlled by the environment variable: KRB5CCNAME
I don't have a solution at this point, but I suspect that the proper process would be to create a credentials cache and set the KRB5CCNAME variable. I will test further and post my results.
If this is an end user responsibility, it would be nice to have it documented in a tutorial.
It would be nice to have this issue resolved by passing a parameter to SSH.. i.e.
credentials_cache="/your/file"
to make things a bit easier on those using kerberos/GSSAPI.The text was updated successfully, but these errors were encountered: