Heimdal 1.5.2: "unknown mech-code 2529639054 for mech 1 3 6 1 4 1 311 2 2 10"

Jeffrey Altman jaltman@openafs.org
Fri Jun 21 02:38:00 GMT 2013

On 6/20/2013 6:31 PM, Nogin, Aleksey wrote:
> Jeffrey Altman wrote:
>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>> debug1: Authentications that can continue: 
>>> publickey,gssapi-with-mic,password
>>> debug1: Next authentication method: gssapi-with-mic
>>> debug1:  Miscellaneous failure (see text) unknown mech-code 2529639054 for mech 1 3 6 1 4 1 311 2 2 10
>>> debug1: Delegating credentials
>>> debug1: Delegating credentials
>>> debug1: Enabling compression at level 6.
>>> debug1: Authentication succeeded (gssapi-with-mic).
>>> Authenticated to XXXhostXXX ([IP.IP.IP.IP]:22).
>> I'm not sure what the issue is here.  The authentication succeeded.
> The issue that despite the "Delegating credentials" message, credentials are not being delegated.
> Aleksey

I still do not understand what does that has to do with the subject of
this message?

The credentials that will be deleted are the credentials of the type
that was accepted by the ssh gssapi-with-mic mechanism.  At the
verbosity level that you are using it does not state what that is.

In any case, I am quite sure that if your ssh client states that it has
delegated credentials that it has done so.   You need to debug the
server side to determine where the sshd environment or gssapi library
has determined the credentials have been stored.   For Kerberos it will
need to be a credential cache.  Heimdal defaults to using a non-FILE
based cache but I suspect that Cygwin does not provide a non-FILE based
cache implementation.

Jeffrey Altman

Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list