find the authorized principal
Ken Dreyer
ktdreyer at ktdreyer.com
Wed Feb 22 17:16:03 EST 2012
I have a local system account "git" on my server. In git's home
directory, several usernames are present in ~/.k5login. These accounts
can use GSSAPI to log in with SSH.
I'm interested to keep closer tabs on who is logging into this
account, and maybe doing something with the information using git
hooks. I know that my server's authentication log will contain the
username of the principal that authenticated to the git account:
Authorized to git, krb5 principal kdreyer at EXAMPLE.COM (krb5_kuserok)
Is there any way for the git user account itself to find this
information? I was hoping for an environment variable like $KRB5_USER
or something.
- Ken
More information about the Kerberos
mailing list