On 26 November 2013 01:46, Timothy Murphy <gayle...@eircom.net> wrote:
> > At the moment I'm not clear what advantage keytabs have. > I do not have to login after "ssh -Y ..." > as I have appended id_rsa.pub to known_hosts in each direction. > > Keytabs are like a filebased password that the machine uses to authenticate to the directory server in order to validate that the token you provide is indeed valid. Without a proper kerberos infrastructure (keytabs on machines, PTR records in place, time consistent, etc etc) GSSAPI for SSH/HTTP/etc will not work.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
