GSSAPI authentication over SSH fails with: Wrong principal in request

Solution Verified - Updated -

Issue

  • Single Sign On using Kerberos and ssh fails on rhel6.4
  • When logging in to a rhel6.4 system using kerberos and ssh, I get a permission denied
  • This happens on systems installed from scratch with rhel6.4, but also on systems upgraded to rhel6.4 from rhel6.3
  • Where using kerberos and ssh resulted in a successful log in on a rhel6.3 system, this fails after an upgrade to rhel6.4

  • After setting the log level of sshd to DEBUG, the following error message apears:

    sshd[13862]: debug1: Unspecified GSS failure.  Minor code may provide more information\nWrong principal in request\n

  • Other methods of logging in using ssh (HostbasedAuthentication, PubkeyAuthentication, PasswordAuthentication, etc.) work as expected.

Environment

  • Red Hat Enterprise Linux (RHEL) 6.4
  • openssh-5.3p1-84.1
  • krb5-libs-1.10.3-10

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content