Ok, I don't have any experience nor knowledge about s4u2proxy for now.
I've read everything I could find about it, there's not a lot of documentation
about this (except general concepts)...
I'm still not very comfortable with those new concepts so please, apologize for
any mistake below.
For n
Hi everyone,
I'm using an NFS v4 export (sec=sys with root_squash enabled) to store my users
home directories.
I'd like to use a ".k5login" file for a particular user.
My users are authenticating throw SSH using GSS-API, and user
"b...@example.org" is trying to connect to account "al...@example
Tab, am I able to decrypt the TGT stored in
the client cache ?
Is this possible ?
Any other is accepted...
Thanks in advance for your help :)
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique des Particules
Fax. +33(0)4.72.69
h key of the KDC do I need to do this little hack ? (the Master Key
K/m...@realm ?)
I'm reading the source code of the subdir src/kdc/ and especially
do_tgs_req.c.
I hope it could work ...
Thanks in advance
Remi
--
Remi Ferrand | Institut National de Physique Nucleaire
he.
Does anyone already encounter this kind of error using Kerberos V M.I.T
API ?
Do I have to load ciphers anywhere ?
If you want me to send you my code, juste ask and I'll send you ...
The main part of my code has been inspired from kinit or src/kdc/*
utilities.
Thanks in advance
Remi
elp me doing this ?
For sure, any other idea to access the encrypted content of the AFS
Tokens created with "kinit + aklog" are accepted.
Thanks in advance
Remi
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique des Part
way to do this ... am I right ?
Thanks in advance
Cheers
R.
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique des Particules
Fax. +33(0)4.72.69.41.70 | Centre de Calcul - http://cc.in2p3.fr/
smime.p7s
Description: S/MIME Cryptogr
that goal ?
Thanks in advance
Cheers
R.
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique des Particules
Fax. +33(0)4.72.69.41.70 | Centre de Calcul - http://cc.in2p3.fr/
Kerber
uch a solution already exists ?
Thanks in advance
R.
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique des Particules
Fax. +33(0)4.72.69.41.70 | Centre de Calcul - http://cc.in2p3.fr/
_
e absolutely shouldn't do that ?
If so we'll talk later of the implementation.
More important for us, we'd like to know what Russ Allbery thinks about that as
he is the main developper of remctl.
Thank you in advance for you answer.
Thanks all for your answers and comments.
Cheers
Le 05/04/2014 21:34, Russ Allbery a écrit :
> This is pretty much where people talk about remctl. I can create a new
> mailing list if the traffic gets too annoying for other Kerberos folks,
> but I kind of like having a broader audience as long as others don't mind.
>
>
'd like to know If you have any comments or
remarks regarding the implementation choices I've made.
Thanks
Cheers
[1] https://gist.github.com/riton/f56329252e885275aa5e
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique
Hi everyone,
At CC-IN2P3, we've released a puppet module for remctl deployment.
It is available from the puppet forge:
http://www.puppetforge.com/ccin2p3/remctl.
Hope this could help any puppet and remctl users in the audience.
Feel free to comment and submit bug reports.
Cheers
Rémi
___
On 11/04/2014 11:10, Russ Allbery wrote:
> For example, for kadmin-remctl, our local remctl
> configuration is:
>
> kadmin change_passwd /usr/sbin/kadmin-backend logmask=3,4 \
> ANYUSER
> kadmin check_passwd /usr/sbin/kadmin-backend logmask=3 \
> /etc/remctl/acl/kadmin-examine /etc/remctl/
14 matches
Mail list logo
