attribute to require pkinit?

Kevin Coffman kwc at
Wed Nov 29 10:26:03 EST 2006

On 11/29/06, Clifford Neuman <bcn at> wrote:
> I dont' think that overloading hw_auth is the right thing.
> However, wouldn't it require pkinit if the database entry did not have a
> secret key usable for direct authentication.

I interpret this as "randomize the user's key/password" so that the
only way they could possibly authenticate is with pkinit.  Is that

More information about the krbdev mailing list