[36423] in Kerberos
Re: How to use NFS with multiple principals in different realms?
daemon@ATHENA.MIT.EDU (Cedric Blancher)
Thu Sep 4 07:25:29 2014
MIME-Version: 1.0
In-Reply-To: <540831FE.1010208@rug.nl>
Date: Thu, 4 Sep 2014 13:25:13 +0200
Message-ID: <CALXu0Ufa166-PocKOOMBSF6yONaMxyUMHQmLA8NuSda9sE8PVQ@mail.gmail.com>
From: Cedric Blancher <cedric.blancher@gmail.com>
To: Jurjen Bokma <j.bokma@rug.nl>
Cc: Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
"<kerberos@mit.edu>" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 4 September 2014 11:33, Jurjen Bokma <j.bokma@rug.nl> wrote:
> You use cross realm authentication, so that your NFS client may obtain
> tickets for servers that are not in its own realm.
What if I cannot use cross realm authentication? For example if both
realms do not like each other?
What if I really have to kinit into multiple realms? Kerberos since
1.10 can do that and klist now has a new flag -A to list all entries
if KRB5CCNAME points to a directory, e.g.
KRB5CCNAME=DIR:/tmp/krbcc$UID/
Ced
--
Cedric Blancher <cedric.blancher@gmail.com>
Institute Pasteur
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
