Ryan Boyd <[EMAIL PROTECTED]> writes: > Thanks Russ! This looks to be a solution to my problem. Based on this > comment, I'm wondering if the PAM module goes through each user in the > k5login and tries the password entered?
Yup! That is indeed what it does. It's an ugly hack, but it's what works. > It would be great to have a way to specify the principal I'm logging in > to and the principal I'm authenticating as separately during the > authentication process, thus eliminating this problem. However, this may > be more complicated than it sounds :) Yeah, I don't know of a way to do that that with PAM and ssh. That would definitely be more elegant. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
