Hello Dmitri, Thanks for your reply, it's working fine now.
Regards Laurent BASTET Le 16/06/2016 17:22, �s-boun...@mit.edu)" a écrit : > On 06/16/2016 10:08 AM, laurent.bas...@i-carre.net wrote: >> Hello all, >> >> Can you tell me if it is possible to get a TGT not entering a password, >> but only using an OTP token ? >> I found some tutorials on the internet (ie >> http://web.mit.edu/Kerberos/krb5-1.13/doc/admin/otp.html), but none >> works, the token is never asked : when I do kinit, only the password is >> requested, and then I have to make a "kinit -T armor_ccache" for a token >> been requested. >> >> And even if I don't do the command "kinit -T" I can access to machines... >> >> Regards, >> >> Laurent. >> ________________________________________________ >> Kerberos mailing list Kerberos@mit.edu >> https://mailman.mit.edu/mailman/listinfo/kerberos >> >> > OTP feature requires a FAST tunnel that is accomplished by having > another key and identity on the client for the host. > Then you first kinit with host and then use it with -T for user > authentication. > > ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
