pam-krb5 4.5 released

Russ Allbery rra at stanford.edu
Fri Feb 10 16:03:13 EST 2012


Stephen Frost <sfrost at snowman.net> writes:

> Do you have any suggestions about how to tell if FAST if being used by
> pam-krb5, etc?  I've looked through the auth.log on the host and the
> KDC, enabled debug in the pam-krb5 config, and generally looked around
> to see if I could figure it out.  Unfortunately, nothing appears to
> indicate one way or the other.  I'd just like to make sure that the
> conversation is being protected with a good key.

I'm afraid I don't know.  The patch was developed by someone else, and we
use a Heimdal KDC here, so I haven't looked at what the logging output on
the KDC side might be.  pam-krb5 itself just sets some init_creds options,
but doesn't otherwise know whether they're effective.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>


More information about the Kerberos mailing list