[3795] in testers
Re: al_login_allowed backwards incompatibility
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Jul 16 15:44:11 1998
To: "James M. Kretchmar" <kretch@MIT.EDU>
Cc: Greg Hudson <ghudson@MIT.EDU>, testers@MIT.EDU
In-Reply-To: Your message of "Thu, 16 Jul 1998 15:41:36 EDT."
<199807161941.PAA15728@mary-kay-commandos.mit.edu>
Date: Thu, 16 Jul 1998 15:43:55 EDT
From: Greg Hudson <ghudson@MIT.EDU>
>> Local accounts are a completely new feature. They don't "allow
>> local access."
> Do you mean a newly supported feature? They were certainly possible
> before ... I didn't realize they were unsupported.
No, I mean a new feature. "Local account" does not mean "logging in
without being able to get Kerberos tickets," it means, "the login
system won't even try to get Kerberos tickets or do any other
Athena-specific stuff."
> Password authentication. If you're not int *local_acct and you
> fail, say, kerberos authentication, you lose.
Sounds like an sshd bug.
