More fun with Russ' pam_krb5
Coy Hile
coy.hile at coyhile.com
Wed Mar 12 21:15:18 EDT 2008
On Wed, 12 Mar 2008, Douglas E. Engert wrote:
> As such, I only use session based caches from SSH, and leave the console
> logins
> to do their own thing and use the default. The problem you are seeing might
> be
> that the KRB5CCNAME is not being set in dtlogin and/or not being passed to
> xscreensaver.
>
>
I think that's exactly it. I switched back to using the default caches
for dtlogin, and all is functional now. (For Russ' pam_krb5, I forced a ccache of /tmp/krb5cc_%u.)
Now to see whether the password expiry changing stuff works. I recall
running into that stuff before.
--
Coy Hile
coy.hile at coyhile.com
"Unarmed combat is what we enter into when we have been foolish enough
not to have a weapon; careless enough to lose our weapon, or unlucky
enough to have broken our weapon"
More information about the Kerberos
mailing list