Dear Kerberos Support, The .k5login file in ones home directory gives user A and ability to let other users (say user B) to log-in to the system as user A.
This could be a nice feature because users can give others access to their account without sharing their password. Also, ~~who logs-in as who~~ is reflected in krb5kdc.log, like this: Jan 7 16:16:23 hostname sshd[12143]: Authorized to usera, krb5 principal [email protected] (krb5_kuserok) I recently had a funny situation where an old user was trying to help a new user by doing something like: olduser$ scp ~/.* newu...@host: To share all the dot files. But effectively locked-out the new user because the new user's line got kicked out of .k5login Is there a way to re-configure MIT Kerberos to disable the .k5login feature? Alex -- --------------------------------------------------------------- Aleksandr Levchuk Homepage: http://biocluster.ucr.edu/~alevchuk/ Cell Phone: (951) 368-0004 Bioinformatic Systems and Databases Lab Phone: (951) 905-5232 Institute for Integrative Genome Biology University of California, Riverside --------------------------------------------------------------- ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
