Well yes, however if you add pkinit_identities = PKCS11:path-to-smartcardlib to the [libdefaults] section of your krb5.conf, the rpc.gssd will segfault.
In my world that means that rpc.gssd reads the pkinit-option in some way, but I'm not sure. Best regards, Patrik Martinsson, Sweden. Från: Frank Cusack [mailto:[email protected]] Skickat: den 14 oktober 2011 20:04 Till: Martinsson Patrik Kopia: [email protected] Ämne: Re: pkinit and nfs On Fri, Oct 14, 2011 at 1:56 AM, Martinsson Patrik <[email protected]<mailto:[email protected]>> wrote: How do I setup krb5.conf to get nfs not use pkinit, whilst when for example doing a regular "kinit" pkinit should be used. "nfs", i.e. rpc.gssd, does not use pkinit ever. It uses only a keytab. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
