On 12/13/2016 09:36 AM, Dave Love wrote: > Simo Sorce <[email protected]> writes: > >> If you really need to automate it because typing a password is too hard: >> cat ~/.mykrbpassword | kinit myusername > > It needs to be automated principally because the password is not > memorable. I assume infrastructure people would rather we don't use the > least secure credentials we can. > > There is actually a Kerberos mechanism for storing credentials even if > it somewhat defeats the object, particularly on a shared system. It > would be better if you could forward the GSS identities over ssh, but I > don't see that you can.
Of course you can: `ssh -K`. From the manpage:
-K Enables GSSAPI-based authentication and forwarding (delegation) of
GSSAPI credentials to the server.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
