[7179] in Kerberos
Re: rkinit
daemon@ATHENA.MIT.EDU (Roland Schemers)
Wed May 1 03:41:25 1996
To: kerberos@MIT.EDU
Date: 30 Apr 1996 23:45:45 -0700
From: schemers@leland.Stanford.EDU (Roland Schemers)
In article <199604302356.TAA03052@badger.lehman.com>,
Richard Basch <basch@lehman.com> wrote:
>Kerberos credential is not checked by AFS. In other words, you could
>forward your afs ticket (hopefully encrypted in the rlogin or some other
>session key) to the remote side, and then stuff that into the kernel,
>using the appropriate pioctl() on behalf of the user. It does alleviate
>the user having to retype their password merely to issue an rlogin
>command.
That is exactly what my kftgt program does. It securely forwards your tgt
to a remote host. You can then use aklog to grab a token when you
login. I hacked up /bin/login to do the aklog thing automatically.
You can grab kftgt from:
<file:/afs/ir.stanford.edu/users/s/c/schemers/WWW/dist/kftgt-1.0.tar.Z>
or:
<http://www-leland.stanford.edu/~schemers/dist/kftgt-1.0.tar.Z>
roland
