On Fri, 2015-07-10 at 08:37 +0000, Andrew Levin wrote: > I have noticed that even after I delete my kerberos ticket cache, as > below, I remain authenticated (eg I can open files in an area where > kerberos authentication is required). How is this possible?
There is a procedure called "aklog" which registers your ticket with the kernel (AFS calls this a token) so that it can be used to authenticate network operations. Removing the userspace ticket cache does not affect this kernel token. You can use "unlog" to unregister the token, or "tokens" to see what tokens you have registered (you can have one per AFS cell). -- brandon s allbery kf8nh sine nomine associates allber...@gmail.com ballb...@sinenomine.net unix openafs kerberos infrastructure xmonad http://sinenomine.net ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
