[3215] in SIPB_Linux_Development
Re: SIPB Linux-Athena goes beta
daemon@ATHENA.MIT.EDU (Derek Atkins)
Tue Nov 21 13:35:35 2000
To: Alex Coventry <alex_c@MIT.EDU>
Cc: pylot@MIT.EDU, Linux-Dev <linux-dev@MIT.EDU>
From: Derek Atkins <warlord@MIT.EDU>
Date: 21 Nov 2000 13:35:26 -0500
In-Reply-To: Alex Coventry's message of "Tue, 21 Nov 2000 11:32:41 -0500"
Message-Id: <sjm1yw5dvgx.fsf@rcn.ihtfp.org>
Just keep in mind, if you try this, that the MIT KDC has a limit on
how long it will issue tickets. I don't know, offhand, what that
limit is. However, you cannot obtain extremely long-lived tickets.
I'm not sure why you care about typing your password all the time; You
only need tickets when you're sitting at the machine. I would
recommend against setting up a cron-job to run fetchmail all the time;
instead I would just run it periodically by hand. Then you don't need
tickets "all the time".
If you want mail notification, you can run a small zephyr process that
subscribes to mail notificiations. Note that this process only needs
tickets at subscription time; if the tickets disappear afterwards, it
will continue to run.
-derek
PS: To answer your original question, kinit -k will obtain tickets
from a krb5 keytab file.
Alex Coventry <alex_c@MIT.EDU> writes:
> Hi, Daniel.
>
> I suggest you take a look at the man page for kinit. There is an option
> '-l' that will allow you to request longer-lived tickets. If you keep
> your password on your machine in plaintext, you are probably going to
> regret it, down the road.
>
> Alex.
>
> > Date: Tue, 21 Nov 2000 09:25:11 -0500 (EST)
> > From: Daniel Preda <pylot@MIT.EDU>
> > To: Alex Coventry <alex_c@mit.edu>
> > Subject: Re: SIPB Linux-Athena goes beta
> > In-Reply-To: <200010060115.VAA16413@pickled-herring.mit.edu>
> > Content-Type: TEXT/PLAIN; charset=US-ASCII
> >
> >
> > Hi!
> >
> > I have another question for you. I've successfully installed some athena
> > packages on my computer (rh 6.2) but it really annoys me that I have to
> > renew my tickets (I use kinit) every 10 hrs or so. Is there a way to call
> > kinit from a script and to read the password from a file for instance, so
> > I don't have to enter the pass manually? I know this is a security risk
> > but I'm the only one to use my computer so it's not such a big risk. Or
> > maybe if you have the source of kinit I could modify it.
> >
> > Thanks,
> > Daniel
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord@MIT.EDU PGP key available
