On 6/29/06, Ken Hornstein <[EMAIL PROTECTED]> wrote:
>I am not using kerberos (yet), so I have to set it with kas.
>Can it be set to never expire ? or is the maximum lifetime 720 hours ?
Just as a note ... if you set you tickets to never expire (which I don't
think is possible with the current code), you're just asking to be 0wned.
Just my $0.02.
What he said.
You set things in ka with "kas setfields" [or just type "kas", hit
return, and use it interactively, similarly to kadmin].
Using KAS means you're using K4, which is very insecure. Using an
insecure authentication mechanism with long lasting tickets is a good
way to get your whole cell comprimised.
I think you'll find few people here are going to give you advice on
how to set yourself up for a disaster.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
