auth_to_local_names

Matthew Loar matthew at loar.name
Fri Feb 22 19:29:06 EST 2008


grackle <davidhuebel at gmail.com> wrote:
> I want Kerberos principal user1 to be able to log into user account
> user2 on a particular host.  I specified
> 
> auth_to_local_names {
>   user1 = user2
> }
> 
> in the krb5.conf file on the host.  When I kinit on another machine as
> user1 and ssh to the host, I get a password prompt.  When I enter my
> password, I am logged in as user1.  If I change the above lines to

Are you telling ssh to log you in as user2 (-l user2)?  The krb5.conf
doesn't affect who you log in as, just whether Kerberos will
authenticate you as that user.

Also, does user2 have a .k5login?  In my experience, a .k5login will override
anything specified using auth_to_local.

Matt Loar



More information about the Kerberos mailing list