svn rev #25765: trunk/doc/rst_source/krb_users/

Benjamin Kaduk kaduk at MIT.EDU
Wed Mar 14 23:46:30 EDT 2012 

On Wed, 14 Mar 2012, ghudson at MIT.EDU wrote:

> http://src.mit.edu/fisheye/changelog/krb5/?cs=25765
> Commit By: ghudson
> Log Message:
> Bring ticket management documentation up to date
>
> Refer to ssh instead of telnet; refer to login system integration
> instead of the Kerberos login program.
>
>
> Changed Files:
> U   trunk/doc/rst_source/krb_users/tkt_mgmt.rst
> Modified: trunk/doc/rst_source/krb_users/tkt_mgmt.rst
> ===================================================================
> --- trunk/doc/rst_source/krb_users/tkt_mgmt.rst	2012-03-14 19:18:09 UTC (rev 25764)
> +++ trunk/doc/rst_source/krb_users/tkt_mgmt.rst	2012-03-14 19:55:38 UTC (rev 25765)
> @@ -7,16 +7,16 @@
>           Your contribution is greatly appreciated.
>
> On many systems, Kerberos is built into the login program, and you get
> -tickets automatically when you log in.  Other programs, such as rsh,
> -rcp, telnet, and rlogin, can forward copies of your tickets to the
> -remote host.  Most of these programs also automatically destroy your
> -tickets when they exit.  However, MIT recommends that you explicitly
> -destroy your Kerberos tickets when you are through with them, just to
> -be sure.  One way to help ensure that this happens is to add the
> -:ref:`kdestroy(1)` command to your .logout file.  Additionally, if you
> -are going to be away from your machine and are concerned about an
> -intruder using your permissions, it is safest to either destroy all
> -copies of your tickets, or use a screensaver that locks the screen.
> +tickets automatically when you log in.  Other programs, such as ssh,
> +can forward copies of your tickets to the.  Most of these programs

Is "remote host" still supposed to be there, or something else?

-Ben

> +also automatically destroy your tickets when they exit.  However, MIT
> +recommends that you explicitly destroy your Kerberos tickets when you
> +are through with them, just to be sure.  One way to help ensure that
> +this happens is to add the :ref:`kdestroy(1)` command to your .logout
> +file.  Additionally, if you are going to be away from your machine and
> +are concerned about an intruder using your permissions, it is safest
> +to either destroy all copies of your tickets, or use a screensaver
> +that locks the screen.

More information about the krbdev mailing list