Accessing gssapi/kerberos principal
Dan Peterson
petesea at bigfoot.com
Wed Mar 8 04:41:17 EST 2006
On Mon, 6 Mar 2006, Frank Cusack wrote:
> On March 6, 2006 4:31:01 PM -0800 Dan Peterson <petesea at bigfoot.com> wrote:
>
>> I'm attempting to add authorized_keys functionality to gssapi/kerberos
>> authorized connections, mainly to support forced command capability,
>
> doesn't .k5users do what you want?
As far as I know, .k5users is only consulted when using "ksu", not during
an ssh connection. And in my particular situation, the users don't have
home directories.
My main reason for making this patch is to provide a way to use ssh with
kerberos authentication for dedicated CVS and Subversion connections. The
users have no other access to the system.
More information about the openssh-unix-dev
mailing list