[TriLUG] Kerberos and Linux

Ryan Leathers ryan.leathers at globalknowledge.com
Mon Mar 13 15:13:59 EST 2006


I nominate Richie Woodbury and Israel Pattison !

Both of these guys could do the topic justice, as they have intimate
knowledge of our company's single sign-on system.

service slow-clap start

Ryan

On Mon, 2006-03-13 at 14:38 -0500, Alan Porter wrote:
> Kevin Otte said the following:
> 
> >I have our systems set up to try pam_unix first, then pam_krb5.  This way if
> >you try a root login, the local is matched first.  I then add
> >"use_first_pass" as a parameter to pam_krb5, such that you do not get a
> >second prompt.
> >
> >kjotte at starbuck:~$ cat /etc/pam.d/common-auth
> >auth    sufficient      pam_unix.so nullok_secure
> >auth    sufficient      pam_krb5.so use_first_pass
> >auth    required        pam_deny.so
> >  
> >
> 
> This would make a great topic for a TriLUG meeting.
> 
> Volunteers?
> 
> 
> 
> 
> Alan
> 
> 
> 




More information about the TriLUG mailing list