[Bug 225451] OpenSSH only looks for .k5login in user directory

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 08 Sep 2022 23:52:49 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225451

Dan Mahoney <freebsd@gushi.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |freebsd@gushi.org

--- Comment #6 from Dan Mahoney <freebsd@gushi.org> ---
(In reply to Cy Schubert from comment #5)

Cy, apologies for opening an old bug: this is a supported feature in mit krb5:

https://web.mit.edu/kerberos/krb5-latest/doc/admin/conf_files/krb5_conf.html#krb5-conf-5

In our case, we'd want to deny users the ability to use their own k5login, such
that you only required a "special" auth token (like user/ssh@DOMAIN.COM)

It seems a valid use case for this.

-Dan

-- 
You are receiving this mail because:
You are the assignee for the bug.