multiple principals in one cache?
Greg Hudson
ghudson at MIT.EDU
Mon Nov 15 13:42:56 EST 2010
On Wed, 2010-11-10 at 18:48 -0500, Ken Hornstein wrote:
> >You can produce a ccache with multiple client principals using ksu.
>
> Didn't know about that; good to know! Although ... huh, I'm looking
> at the man page for ksu (probably the ONE Kerberos program I've never
> run), and my question is: how, exactly, do you do that?
I don't think it can be used as a general tool for this purpose, but it
does produce such a ccache as a side effect of its regular function.
For example, if I'm logged in with tickets as ghudson at ATHENA.MIT.EDU and
I ksu to root by entering the password for ghudson/root at ATHENA.MIT.EDU,
I wind up with a new ccache containing all of my old tickets (for client
principal ghudson) plus a TGT and host service ticket for client
principal ghudson/root.
More information about the Kerberos
mailing list