----- Original Message ----- > From: "John Devitofranceschi" <[email protected]> > To: [email protected] > Cc: "Simo Sorce" <[email protected]> > Sent: Friday, July 17, 2015 6:52:01 AM > Subject: Re: kerberos ticket cache > > > > On Jul 10, 2015, at 10:06 AM, Simo Sorce <[email protected]> wrote: > > > > > > The same is for Kerberized NFS in Linux, the session keys are stored in > > the kernel and there is currently no way to revoke them, however once > > the session is destroyed the kernel will not be able to recreate it. > > > > How long does it take for the stored session keys to expire after the ccache > is destroyed? Is it based on ticket lifetime?
Yes, the "endtime" of the established context is passed down to the kernel, and it will be used to check when the context expires. When it does the kernel returns an "Expired Context" error. Simo. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
