> On Jul 10, 2015, at 10:06 AM, Simo Sorce wrote:
>
>
> The same is for Kerberized NFS in Linux, the session keys are stored in
> the kernel and there is currently no way to revoke them, however once
> the session is destroyed the kernel will not be able to recreate it.
>
How long does it ta
- Original Message -
> From: "John Devitofranceschi"
> To: kerberos@mit.edu
> Cc: "Simo Sorce"
> Sent: Friday, July 17, 2015 6:52:01 AM
> Subject: Re: kerberos ticket cache
>
>
> > On Jul 10, 2015, at 10:06 AM, Simo Sorce wrote:
> >
> >
> > The same is for Kerberized NFS in Linux, th
On 07/16/2015 05:46 PM, Lars Kellogg-Stedman wrote:
> Is it possible to configure my local Kerberos environment such that when I
> type 'kinit' with no additional parameters, it will use something other than
> '@'?
No, we don't have a configurable mapping from local name to Kerberos
principals. I
Greg Hudson mit.edu> writes:
> At least some versions of pam_krb5 have some mapping options. See the
> alt_auth_map and search_k5login options here:
In fact, it turns out that SSSD has exactly the behavior for which I was
looking. I wrote up my solution here:
http://blog.oddbit.com/2015/07
