[353] in athena10
Re: update_server and remote access
daemon@ATHENA.MIT.EDU (Timothy G Abbott)
Fri Aug 1 12:03:00 2008
Date: Fri, 1 Aug 2008 12:02:15 -0400 (EDT)
From: Timothy G Abbott <tabbott@MIT.EDU>
To: Jonathan Reed <jdreed@mit.edu>
cc: athena10@mit.edu
In-Reply-To: <22FA0C53-541C-4C59-9723-CB9D72893298@mit.edu>
Message-ID: <alpine.DEB.1.10.0808011151340.17281@vinegar-pot.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Fri, 1 Aug 2008, Jonathan Reed wrote:
> - When I ssh to an Athena 10 machine, ssh first prompts for "Password:". If
> I (accidentally, for example) simply hit Return, it then prompts for
> "Password for jdreed@ATHENA.MIT.EDU:" Presumably that's a result of PAM
> stacking, but it's a weird and potentially confusing behavior, especially
> since the first prompt will happily accept the user's Kerberos password.
> It's a minor thing, but is there any way around that?
The use_first_pass option to pam_krb5 (which we use) is supposed to do
this (see pam_krb5(5) for details), but it does seem it behaves as
desired.
-Tim Abbott
