help with OTP
Matt Zagrabelny
mzagrabe at d.umn.edu
Wed Apr 26 11:32:24 EDT 2023
[Probably solved!]
On Wed, Apr 26, 2023 at 10:12 AM Matt Zagrabelny <mzagrabe at d.umn.edu> wrote:
>
> Whoops. Looks like I need:
>
> sudo apt install krb5-pkinit
Fool me once shame on me, fool me twice shame on me!
I also neglected to add the krb5-otp package to the KDC server.
Now I get:
$ kdestroy
$ kinit -n -c /tmp/somecache
$ kinit -T /tmp/somecache
Enter OTP Token Value:
$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: bob at MYDOMAIN.COM
Valid starting Expires Service principal
04/26/2023 10:26:41 04/26/2023 20:26:41 krbtgt/MYDOMAIN.COM at MYDOMAIN.COM
renew until 04/27/2023 10:26:29
This is all on my test system. Still need to try in production, but it
looks, and feels!, pretty good.
Thanks for all the help!
-m
More information about the Kerberos
mailing list