[OpenAFS] OpenAFS + Kerb5: lifetimes
Derrick J Brashear
shadow@dementia.org
Thu, 12 Jul 2007 17:02:54 -0400 (EDT)
kinit -l7d ?
On Thu, 12 Jul 2007, Jeff Blaine wrote:
> I spoke way too soon.
>
> One of them was off.
>
> They're all three set to "2 days" now as a test
> and I still only
> get tickets and tokens for 24hrs.
>
> Jeffrey Altman wrote:
>> Jeff Blaine wrote:
>>> I'm using OpenAFS 1.4.3, pam_afs_session, and
>>> pam_krb5 from
>>> Russ Alberry. Can anyone shed light on why my
>>> tickets and
>>> tokens have only a 24hr lifetime?
>>>
>>> kadmin.local: getprinc jblaine
>>> Principal: jblaine@RCF.MITRE.ORG
>>> Expiration date: [never]
>>> Last password change: Mon Apr 23 14:50:16 EDT
>>> 2007
>>> Password expiration date: [none]
>>> Maximum ticket life: 7 days 00:00:00
>>> Maximum renewable life: 0 days 00:00:00
>>> Last modified: Tue May 01 14:32:01 EDT 2007
>>> (root/admin@RCF.MITRE.ORG)
>>> Last successful authentication: [never]
>>> Last failed authentication: [never]
>>> Failed password attempts: 0
>>> Number of keys: 2
>>> Key: vno 1, Triple DES cbc mode with HMAC/sha1,
>>> no salt
>>> Key: vno 1, DES cbc mode with CRC-32, no salt
>>> Attributes:
>>> Policy: [none]
>>> kadmin.local:
>>
>> What are the maximum ticket lifetimes for your
>> krbtgt/RCF.MITRE.ORG@RCF.MITRE.ORG and
>> afs[/cell]@RCF@MITRE.ORG
>> principals?
>>
>> The maximum lifetime is the minimum of the user,
>> tgt and service principals.
>>
>> Jeffrey Altman
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>