kerberos ticket cache
Brandon Allbery
ballbery at sinenomine.net
Fri Jul 10 09:52:51 EDT 2015
On Fri, 2015-07-10 at 08:37 +0000, Andrew Levin wrote:
> I have noticed that even after I delete my kerberos ticket cache, as
> below, I remain authenticated (eg I can open files in an area where
> kerberos authentication is required). How is this possible?
There is a procedure called "aklog" which registers your ticket with the
kernel (AFS calls this a token) so that it can be used to authenticate
network operations. Removing the userspace ticket cache does not affect
this kernel token.
You can use "unlog" to unregister the token, or "tokens" to see what
tokens you have registered (you can have one per AFS cell).
--
brandon s allbery kf8nh sine nomine associates
allbery.b at gmail.com ballbery at sinenomine.net
unix openafs kerberos infrastructure xmonad http://sinenomine.net
More information about the Kerberos
mailing list