sftp/Kerberos

Alexander E. Patrakov patrakov at ums.usu.ru
Wed Aug 1 21:00:55 PDT 2007


Randy McMurchy wrote:
> Alexander E. Patrakov wrote:
>
>   
>> AFAIK (I have never set up a Kerberos-based installation, but listened 
>> to a friend that demonstrated how to do it) /etc/passwd is still used in 
>> a Kerberos-based setup, and contains something like "*K*" in the 
>> password field. Only /etc/shadow is not used. And, both sftp and ssh 
>> link to libgssapi_krb5.so.2 :)
>>     
>
> This is incorrect. In all my Kerberos installations, there is
> nothing but the system users and root in /etc/passwd. Your friend
> is wrong.
>   
Very interesting. Could you please paste the output of the following 
commands from one of them (assuming that the user "randy" is in Kerberos):

getent passwd randy
id randy
strace id randy

I ask exactly for the same reason as you did for $HOME: testing that 
well-established glibc functions can retrieve the needed data.

-- 
Alexander E. Patrakov



More information about the blfs-dev mailing list