> Ken> FYI; just call krb5_init_context(); I doubt there is a reason > Ken> to use krb5_init_secure_context in this case. > >No, you actually do want secure context here. Picture something like >su being pam authenticated with KRB5_KTNAME set. Good point; I had forgotten about that one. --Ken