pam-krb5 4.5 released

Stephen Frost sfrost at snowman.net
Fri Feb 10 15:52:59 EST 2012


Russ,

* Russ Allbery (rra at stanford.edu) wrote:
> Yes, I have a pending patch to allow you to disable all password prompting
> behavior in the module because you're using some other mechanism than
> password and want the Kerberos prompter to just take care of it all.  I'm
> going to try to get out a new release with that change this month.  There
> currently isn't a way to avoid that password prompt, unfortunately.

Great, thanks!  I'll give the patch a try early next week.

Do you have any suggestions about how to tell if FAST if being used by
pam-krb5, etc?  I've looked through the auth.log on the host and the
KDC, enabled debug in the pam-krb5 config, and generally looked around
to see if I could figure it out.  Unfortunately, nothing appears to
indicate one way or the other.  I'd just like to make sure that the
conversation is being protected with a good key.

	Thanks again!

		Stephen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20120210/cf433c84/attachment.bin


More information about the Kerberos mailing list