[5104] in Kerberos
Re: Mods to kerberize login.c
daemon@ATHENA.MIT.EDU (Mike Muuss)
Fri May 5 22:50:50 1995
Date: Fri, 5 May 95 21:29:39 EDT
From: Mike Muuss <mike@arl.mil>
To: Wolfgang Rupprecht <wolfgang@wsrcc.com>
Cc: kerberos@MIT.EDU
> Do you know if I would break anything if I changed kinit to also
> include this option?
kinit will be improved by swithcing to the preauthentication. Here
are our changes. 14 hours permits working late after a long lunch.
#if 0
#define KRB5_DEFAULT_LIFE 60*60*8 /* 8 hours */
#endif
#define KRB5_DEFAULT_LIFE 60*60*14 /* ARL: 14 hours */
/*
* Try no preauthentication first; then try the encrypted timestamp
*/
int preauth_search_list[] = {
KRB5_PADATA_ENC_TIMESTAMP, /* ARL: try this first */
0,
-1
};
main()
{
....
char password[255], *client_name, prompt[255];
options |= KDC_OPT_FORWARDABLE; /* ARL: Always forwardable */