Creating GSSAPI initiate credential using keytab entry--how should this work

Simo Sorce ssorce at
Wed Mar 10 16:18:19 EST 2010

On Wed, 10 Mar 2010 12:06:40 -0800
Russ Allbery <rra at> wrote:

> I agree that the waters are muddier if one is talking about general
> shell users creating keytabs for their personal use.  I would still
> create per-user directories in /etc for this, personally, but I think
> the FHS would accept either answer.

User data in /etc is most unusual, think of cron, at, mail and similar,
they are all in /var
However I agree with the point that the mechanism is interesting, the
specific directory should be something configurable at build time and
the various distributions will decide what to do with that data.


Simo Sorce * Red Hat, Inc * New York

More information about the krbdev mailing list