diff --git a/impacket/smb.py b/impacket/smb.py
index 81e278f92..66820617a 100644
--- a/impacket/smb.py
+++ b/impacket/smb.py
@@ -3488,6 +3488,8 @@ def kerberos_login(self, user, password, domain = '', lmhash = '', nthash = '',
         if TGT is None:
             if TGS is None:
                 tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, password, domain, lmhash, nthash, aesKey, kdcHost)
+                # Persist the TGT we just obtained so callers can reuse it through getCredentials()
+                self.__TGT = {'KDC_REP': tgt, 'cipher': cipher, 'sessionKey': sessionKey}
         else:
             tgt = TGT['KDC_REP']
             cipher = TGT['cipher']
@@ -3498,6 +3500,8 @@ def kerberos_login(self, user, password, domain = '', lmhash = '', nthash = '',
         if TGS is None:
             serverName = Principal('cifs/%s' % self.__remote_name, type=constants.PrincipalNameType.NT_SRV_INST.value)
             tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey)
+            # Persist the ST we just obtained so callers can reuse it through getCredentials()
+            self.__TGS = {'KDC_REP': tgs, 'cipher': cipher, 'sessionKey': sessionKey}
         else:
             tgs = TGS['KDC_REP']
             cipher = TGS['cipher']
diff --git a/impacket/smb3.py b/impacket/smb3.py
index 0866994c5..85c451826 100644
--- a/impacket/smb3.py
+++ b/impacket/smb3.py
@@ -745,6 +745,8 @@ def kerberosLogin(self, user, password, domain = '', lmhash = '', nthash = '', a
         if TGT is None:
             if TGS is None:
                 tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, password, domain, lmhash, nthash, aesKey, kdcHost)
+                # Persist the TGT we just obtained so callers can reuse it through getCredentials()
+                self.__TGT = {'KDC_REP': tgt, 'cipher': cipher, 'sessionKey': sessionKey}
         else:
             tgt = TGT['KDC_REP']
             cipher = TGT['cipher']
@@ -769,6 +771,8 @@ def kerberosLogin(self, user, password, domain = '', lmhash = '', nthash = '', a
         if TGS is None:
             serverName = Principal('cifs/%s' % (self._Connection['ServerName']), type=constants.PrincipalNameType.NT_SRV_INST.value)
             tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey)
+            # Persist the ST we just obtained so callers can reuse it through getCredentials()
+            self.__TGS = {'KDC_REP': tgs, 'cipher': cipher, 'sessionKey': sessionKey}
         else:
             tgs = TGS['KDC_REP']
             cipher = TGS['cipher']