[krbdev.mit.edu #1282] need standard way of finding keytab
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Tue Dec 17 17:51:14 EST 2002
Hacks like this shouldn't be needed. There should be some standard
way of indicating where a keytab is located for a given user or
service.
For example, perhaps non-root users would look in ~/etc/krb5.keytab,
or maybe krb5.conf could have a table mapping principal names or
service (first-component) names to pathnames ("zephyr =
/usr/local/etc/zephyr/zephyr.keytab"). Maybe both.
No special configuration should be needed to look for the current
standard services (host and ftp at least) in the standard keytab,
though that could be accomplished by having a list of names instead of
just one. Say, if the default is "~/etc/krb5.keytab:/etc/krb5.keytab"
or equivalent.
Ken
More information about the krb5-bugs
mailing list