izable? Am I missing something or my assumption basically wrong?
Regards,
Wang Jian
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
2017-04-20 2:09 GMT+08:00 Greg Hudson :
> On 04/19/2017 08:10 AM, Wang Jian wrote:
>> I used to think that I can limit kinit by client address for certain
>> principal, using a preauth plugin. [...]
>
>> Now, we do have such demand. But when I start to implement it, I find
Hi list,
When using ansible with kerberos for thousands of targets, there is a
serious ccache performance issue.
Using file ccache (DIR:)
- from a cold ccache, running simple script on servers is fast, at 500-700
hosts/min with 2 or 4 concurrent ansible instance. But things change when
ccache has
Charles Hedrick 于2019年5月14日周二 上午5:29写道:
> another workaround:
>
> Put your credential cache in /tmp.
>
> instead of ssh call a script that does this:
>
> cp $KRB5CCNAME /tmp/krb5cc_$$
> export KRB5CCNAME=/tmp/krb5cc_$$
>
> ssh “$@“
> rm /tmp/krb5cc_$$
>
> That is, copy the cache into a different
