Fwd: Kerberos5 ticket auto renewal
steve
steve at steve-ss.com
Tue Mar 18 15:21:43 EDT 2014
On Tue, 2014-03-18 at 13:32 +0100, Wendy Lin wrote:
> Forwarding it here. What is the default Kerberos5 behaviour? I log in
> with pam_krb or kinit, but the tickets for nfs/ are not renewed. Why?
>
> Wendy
Hi
Maybe you have not requested anything from the file-server? In our Linux
setup a request is made by by an already authenticated user for the nfs
service. We don't do anything to renew the service ticket. So long as
the keytab contains e.g. the machine key to authenticate the server then
that sees to be enough. Does a nfs request perhaps kick it to
authenticate again if the service has expired? Confused.
Steve
More information about the Kerberos
mailing list