Sudo w/Ticket Support

John Washington jawashin at
Tue May 19 14:18:43 EDT 2009

* greg at <greg at> [2009-05-12 10:18]:
> The user uses the ~S command to initiate the sequence.  The user is
> prompted for a password which is used to obtain a TGT which is then
> used to obtain a service ticket which is sent over the channel for
> authentication.  By enforcing a very short ticket lifetime parameter
> user immediacy can be enforced.

I find myself impressed with this as a potential solution.  I wish you
luck in implementing it, as it is a clean solution to a potentially
clouded issue.

More information about the Kerberos mailing list