----- Original Message ----- > From: "John Devitofranceschi" <j...@optonline.net> > To: kerberos@mit.edu > Cc: "Simo Sorce" <s...@redhat.com> > Sent: Friday, July 17, 2015 6:52:01 AM > Subject: Re: kerberos ticket cache > > > > On Jul 10, 2015, at 10:06 AM, Simo Sorce <s...@redhat.com> wrote: > > > > > > The same is for Kerberized NFS in Linux, the session keys are stored in > > the kernel and there is currently no way to revoke them, however once > > the session is destroyed the kernel will not be able to recreate it. > > > > How long does it take for the stored session keys to expire after the ccache > is destroyed? Is it based on ticket lifetime?
Yes, the "endtime" of the established context is passed down to the kernel, and it will be used to check when the context expires. When it does the kernel returns an "Expired Context" error. Simo. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
