There might be one exception. If I remember right to login onto OpenSolaris/Solaris 10 with a non kerberised client (e.g. console) using pam_krb5 requires a root principal to login as root or at least have a dummy root principal key in the keytab to pass to the next pam module.
Markus "Richard E. Silverman" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >>>>>> "SM" == Steven Miller <[EMAIL PROTECTED]> writes: > > SM> It looks as if root needs to be a principal in the realm, before > SM> using a k5login file to allow users to become root. Is this > SM> correct? > > No -- root is a Unix account to which you are giving certain principals > access, but placing those principals' names in ~root/.5login. There's no > need for a principal corresponding to the root account. > > SM> Assuming that it is, I want root's password to be managed > SM> locally (i.e not via kerberos), is there a way to do this? I would > SM> guess it might involve a keytab? > > SM> thanks in advance, > > SM> Steven > > > SM> > ____________________________________________________________________________________ > SM> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. > SM> Try it now. > SM> http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ > > > -- > Richard Silverman > [EMAIL PROTECTED] > > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
