kerberos auth for ssh2
Matt Crawford
crawdad at fnal.gov
Mon Aug 1 11:39:11 EDT 2005
On Aug 1, 2005, at 2:42, Simon Wilkinson wrote:
>> 4)Does the kdc have to have special knowledge of the server that is
>> requesting authentication for a user via a forwarded ticket or
>> does the
>> server making the request for this sort of auth simply just need
>> to know
>> how to ask?
>
> The host/ server principal and the user's principal both need to have
> the allow_forwardable flag set. [...]
Could you explain to me this bit about the server principal needing
to have allow_forwardable?
More information about the krbdev
mailing list