[OpenAFS] Re: Cron Jobs for "Regular" Users

Holger Rauch holger.rauch@empic.de
Thu, 28 Jan 2010 21:04:55 +0100

Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi Russ,

thanks a lot for your reply.

On Thu, 28 Jan 2010, Russ Allbery wrote:

> [...]=20
> ktadd -norandkey will do this automatically.  ktutil doesn't seem like the
> right tool to use if you're using MIT Kerberos (it's the right tool to use
> if you're using Heimdal).

The problem is that I don't want to "destroy" my regular user's
princ. (I'm afraid that once I ktadd a princ to a keytab, I can't
login anymore interactively using that principal because of the
increased kvno). In case I'm wrong, please feel free to correct me. (I
would have preferred to use ktadd right from the start, but the
aforementioned fears kept me away from using it).

Could you perhaps post an example with ktadd where the user's
princ is still working for interactive logins as well after having
invoked ktadd?

Thanks & kind regards,


Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

Version: GnuPG v1.4.9 (GNU/Linux)