Comment 6 for bug 1938144

Niklas Rother (nrother) wrote :

Ok, I managed to reproduce this in a clean "ubuntu:latest" docker container. Steps to reproduce are below. During testing, I noticed that I aliased "ssh" to "ssh -K -X", and that "-K" (or equivalently "-o GSSAPIAuthentication=yes") is crucial. This changes the problematic SSH client command to

ssh -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex root@ac3f9944f201 -v -p 2222 -o GSSAPIKeyExchange=yes -o GSSAPIAuthentication=yes -F /dev/null

Complete steps to reproduce (container ac3f9944f201 is the server, IP 1.2.3.4 is the IP of the container host; this needs to be adapted):

Server:

podman run -it -p 2222:2222,8888:88 ubuntu

apt update
apt install openssh-server krb5-kdc krb5-admin-server
touch /etc/krb5kdc/kadm5.acl
touch /etc/krb5kdc/kadm5.dict
krb5_newrealm
kadmin.local

addprinc user
addprinc -randkey host/ac3f9944f201
ktadd -k /etc/krb5.keytab host/ac3f9944f201
exit

mkdir /run/sshd
/usr/sbin/sshd -d -p 2222 -f /dev/null -o GSSAPIKeyExchange=yes -o GSSAPIAuthentication=yes

Client:

podman run -it ubuntu

apt update
apt install openssh-client krb5-user
kinit user
echo "1.2.3.4 ac3f9944f201" >> /etc/hosts

ssh -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex root@ac3f9944f201 -v -p 2222 -o GSSAPIKeyExchange=yes -o GSSAPIAuthentication=yes -F /dev/null

Notice "monitor_read: unpermitted request 48" on the server, and "Connection closed by 1.2.3.4 port 2222" on the client (instead of the expected "permission denied").
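
Added example, not part of the original comment and not OpenSSH or Ubuntu code: a small log check that finds sshd processes which ended on the "monitor_read: unpermitted request" message quoted above and ties each to its client address. The syslog-style lines, the "fatal:" prefix, the "[preauth]" suffix, the host name and the PIDs are constructed sample data; only the message text and request number 48 come from the report.

```python
import re

# Constructed syslog-style sample (assumed layout, not captured from the reporter's system).
SAMPLE_LOG = """\
Jul 27 10:00:01 srv sshd[4101]: Connection from 1.2.3.4 port 40112 on 10.0.0.5 port 2222
Jul 27 10:00:01 srv sshd[4101]: fatal: monitor_read: unpermitted request 48 [preauth]
Jul 27 10:00:07 srv sshd[4117]: Connection from 1.2.3.4 port 40120 on 10.0.0.5 port 2222
Jul 27 10:00:09 srv sshd[4117]: Failed password for root from 1.2.3.4 port 40120 ssh2
Jul 27 10:00:15 srv sshd[4130]: fatal: monitor_read: unpermitted request 48 [preauth]
"""

LINE = re.compile(r"sshd\[(?P<pid>\d+)\]:\s*(?P<msg>.*)$")
CONN = re.compile(r"^Connection from (?P<ip>\S+) port \d+")
ABORT = re.compile(r"monitor_read: unpermitted request (?P<req>\d+)")


def find_monitor_aborts(log_text):
    """Return one record per sshd process that logged an unpermitted monitor request.

    Each record holds the sshd PID, the request number, and the client address
    if a "Connection from" line for the same PID was seen earlier (else None).
    """
    peer_by_pid = {}
    hits = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not an sshd line
        pid, msg = int(m.group("pid")), m.group("msg")
        conn = CONN.match(msg)
        if conn:
            peer_by_pid[pid] = conn.group("ip")
            continue
        abort = ABORT.search(msg)
        if abort:
            hits.append({
                "pid": pid,
                "request": int(abort.group("req")),
                "peer": peer_by_pid.get(pid),  # None if the connect line was not logged
            })
    return hits


if __name__ == "__main__":
    for hit in find_monitor_aborts(SAMPLE_LOG):
        print(f"sshd[{hit['pid']}] aborted on monitor request "
              f"{hit['request']} (client: {hit['peer'] or 'unknown'})")
```

An ordinary authentication failure, such as PID 4117 in the sample, is not reported; only sessions that ended on the monitor message are.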