Keytab-based initiator creds design
Dmitri Pal
dpal at redhat.com
Thu Jun 7 19:03:52 EDT 2012
On 06/07/2012 06:55 PM, Russ Allbery wrote:
> Dmitri Pal <dpal at redhat.com> writes:
>
>> We have SSSD for users and will have GSS proxy for automatic ticket
>> renewal so this is not a problem in a long run.
> No, you'll still have to deal with renewal on the remote system because
> the entire world is not running UNIX on the local client. :)
> Reforwarding tickets from the local host will only work if the local host
> has that capability, and renewal has a limited lifetime.
>
You lost me. What remote system you are talking about?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the krbdev
mailing list