default ticket max_life issue
Vipin Rathor
v.rathor at gmail.com
Wed Mar 7 08:37:47 EST 2007
hi all,
I just configured a MIT1.5 kdc and when I successfully did the kinit
admin/admin, the klist shows the ticket lifetime as 24 hrs. whereas in the
kerberos online doc(
http://web.mit.edu/kerberos/www/krb5-1.6/krb5-1.6/doc/krb5-admin.html#realms%20(kdc.conf)),
it's written that default max_life is 10 hrs.
Questions,
1. Which one is correct for default max_life, 24h or 10h?
2. Is this an expected behavior or some kind of doc-defect/bug?
Here is my kdc.conf:
[realms]
TEST = {
kadmind_port = 749
max_renewable_life = 7d 0h 0m 0s
master_key_type = des3-hmac-sha1
supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal
des-cbc-crc:v4
}
Here is what klist showing:
# kinit admin/admin
Password for admin/admin at TEST:
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin/admin at TEST
Valid starting Expires Service principal
03/07/07 08:40:13 03/08/07 08:40:13 krbtgt/TEST at TEST
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
Thanks in advance.
-Rathor
More information about the krbdev
mailing list