Kerberos+NFS4

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Aug 1 10:13:29 EDT 2013


On 08/01/2013 09:58 AM, Thomas Krauss - ITServ GmbH wrote:
> It is possible to reduce that to a second by
> 
>  
> /etc/sysconfig/nfs
> 
> RPCGSSDARGS="-vvv -t 1"

thanks for pointing the way to the documentation.  From rpc.gssd(8):

>>        -t timeout
>>               Timeout, in seconds, for kernel gss contexts. This option allows
>>               you to force new kernel contexts to be negotiated after  timeout
>>               seconds,  which  allows changing Kerberos tickets and identities
>>               frequently.  The default is no explicit timeout, which means the
>>               kernel  context  will  live the lifetime of the Kerberos service
>>               ticket used in its creation.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20130801/f563658c/attachment-0001.bin


More information about the Kerberos mailing list