[29355] in Kerberos
Re: auth_to_local_names
daemon@ATHENA.MIT.EDU (Matthew Loar)
Fri Feb 22 19:45:25 2008
From: Matthew Loar <matthew@loar.name>
Date: Sat, 23 Feb 2008 00:29:06 +0000 (UTC)
Message-ID: <fpnpci$e4i$1@news.acm.uiuc.edu>
X-Complaints-To: news@acm.uiuc.edu
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
grackle <davidhuebel@gmail.com> wrote:
> I want Kerberos principal user1 to be able to log into user account
> user2 on a particular host. I specified
>
> auth_to_local_names {
> user1 = user2
> }
>
> in the krb5.conf file on the host. When I kinit on another machine as
> user1 and ssh to the host, I get a password prompt. When I enter my
> password, I am logged in as user1. If I change the above lines to
Are you telling ssh to log you in as user2 (-l user2)? The krb5.conf
doesn't affect who you log in as, just whether Kerberos will
authenticate you as that user.
Also, does user2 have a .k5login? In my experience, a .k5login will override
anything specified using auth_to_local.
Matt Loar
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
