pkinit and nfs
Frank Cusack
frank at linetwo.net
Mon Oct 17 04:28:35 EDT 2011
It'd be interesting to know what 'kinit -t' does.
On Mon, Oct 17, 2011 at 1:21 AM, Martinsson Patrik <
patrik.martinsson at smhi.se> wrote:
> Well yes, however if you add ****
>
> pkinit_identities = PKCS11:path-to-smartcardlib****
>
> to the [libdefaults] section of your krb5.conf, the rpc.gssd will segfault.
> ****
>
> ** **
>
> In my world that means that rpc.gssd reads the pkinit-option in some way,
> but I’m not sure.****
>
> ** **
>
> Best regards,****
>
> Patrik Martinsson, Sweden.****
>
> ** **
>
> ** **
>
> ** **
>
> ** **
>
> ** **
>
> *Från:* Frank Cusack [mailto:frank at tenpedal.com]
> *Skickat:* den 14 oktober 2011 20:04
> *Till:* Martinsson Patrik
> *Kopia:* kerberos at mit.edu
> *Ämne:* Re: pkinit and nfs****
>
> ** **
>
> On Fri, Oct 14, 2011 at 1:56 AM, Martinsson Patrik <
> patrik.martinsson at smhi.se> wrote:****
>
> How do I setup krb5.conf to get nfs not use pkinit, whilst when for example
> doing a regular "kinit" pkinit should be used.****
>
>
> "nfs", i.e. rpc.gssd, does not use pkinit ever. It uses only a keytab.***
> *
>
More information about the Kerberos
mailing list