pam-krb5 4.5 released
Stephen Frost
sfrost at snowman.net
Fri Feb 10 15:52:59 EST 2012
Russ,
* Russ Allbery (rra at stanford.edu) wrote:
> Yes, I have a pending patch to allow you to disable all password prompting
> behavior in the module because you're using some other mechanism than
> password and want the Kerberos prompter to just take care of it all. I'm
> going to try to get out a new release with that change this month. There
> currently isn't a way to avoid that password prompt, unfortunately.
Great, thanks! I'll give the patch a try early next week.
Do you have any suggestions about how to tell if FAST if being used by
pam-krb5, etc? I've looked through the auth.log on the host and the
KDC, enabled debug in the pam-krb5 config, and generally looked around
to see if I could figure it out. Unfortunately, nothing appears to
indicate one way or the other. I'd just like to make sure that the
conversation is being protected with a good key.
Thanks again!
Stephen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20120210/cf433c84/attachment.bin
More information about the Kerberos
mailing list