OpenSSH with latest GSSAPI patch now storing credentials !
Someone
please at nospam.net
Tue Apr 2 10:15:16 EST 2002
Marc Horowitz wrote:
> sxw at dcs.ed.ac.uk (Simon Wilkinson) writes:
>
>
>>>However, is this overiding something that should be set in a kerberos
>>>config file?
>>>
>
> Yes, it is. The patch you sent forces initial tickets to be
> forwardable, regardless of what the kerberos config file requests.
> With MIT krb5, you can set the forwardable flag by default in
> krb5.conf:
>
> [libdefaults]
> forwardable = true
>
> Marc
>
forwardable = true, works fine, I just tryed it thus it isn't documented
in the MIT Kerberos documentation. They should add it.
Now verything works wonderfull, thanks to all your great help. Now I
only have to get all this working with an ugly w2k KDC :-(
Cheers,
Marc
More information about the Kerberos
mailing list