pam config of the client is this: ################################################### (for i in /etc/pam.d/* ; do printf "\n>>>> %s\n" "$i" ; cat "$i" ; done)
>>>> /etc/pam.d/atd # # The PAM configuration file for the at daemon # # auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chage #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chfn #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chpasswd #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chsh #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/common-account #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Account-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the accountorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired. # account requisite pam_unix.so try_first_pass account required pam_krb5.so use_first_pass ignore_unknown_principals >>>> /etc/pam.d/common-account.pam-config-backup # # /etc/pam.d/common-account - authorization settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired. # account required pam_unix.so try_first_pass >>>> /etc/pam.d/common-account-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Account-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the accountorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired. # account requisite pam_unix.so try_first_pass account required pam_krb5.so use_first_pass ignore_unknown_principals >>>> /etc/pam.d/common-auth #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Authentication-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth required pam_env.so auth optional pam_gnome_keyring.so auth sufficient pam_unix.so try_first_pass auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so >>>> /etc/pam.d/common-auth.pam-config-backup # # /etc/pam.d/common-auth - authentication settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth required pam_env.so auth required pam_unix.so try_first_pass >>>> /etc/pam.d/common-auth-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Authentication-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth required pam_env.so auth optional pam_gnome_keyring.so auth sufficient pam_unix.so try_first_pass auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so >>>> /etc/pam.d/common-password #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. # password requisite pam_cracklib.so password optional pam_gnome_keyring.so use_authtok password [default=ignore success=1] pam_succeed_if.so uid > 999 quiet password sufficient pam_unix.so use_authtok nullok shadow try_first_pass password sufficient pam_krb5.so password required pam_deny.so >>>> /etc/pam.d/common-password.pam-config-backup # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. # # The "nullok" option allows users to change an empty password, else # empty passwords are treated as locked accounts. # password requisite pam_cracklib.so password required pam_unix.so use_authtok nullok try_first_pas >>>> /etc/pam.d/common-password-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. # password requisite pam_cracklib.so password optional pam_gnome_keyring.so use_authtok password [default=ignore success=1] pam_succeed_if.so uid > 999 quiet password sufficient pam_unix.so use_authtok nullok shadow try_first_pass password sufficient pam_krb5.so password required pam_deny.so >>>> /etc/pam.d/common-session #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive # session required pam_limits.so session required pam_unix.so try_first_pass session optional pam_krb5.so session optional pam_umask.so session optional pam_systemd.so session optional pam_gnome_keyring.so auto_start only_if=gdm,gdm-password,lxdm,lightdm session optional pam_env.so >>>> /etc/pam.d/common-session.pam-config-backup # # /etc/pam.d/common-session - session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive). # session required pam_limits.so session required pam_unix.so try_first_pass session optional pam_umask.so session optional pam_env.so >>>> /etc/pam.d/common-session-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive # session required pam_limits.so session required pam_unix.so try_first_pass session optional pam_krb5.so session optional pam_umask.so session optional pam_systemd.so session optional pam_gnome_keyring.so auto_start only_if=gdm,gdm-password,lxdm,lightdm session optional pam_env.so >>>> /etc/pam.d/crond # # The PAM configuration file for the cron daemon # # # No PAM authentication called, auth modules not needed auth sufficient pam_rootok.so account sufficient pam_listfile.so item=user sense=allow file=/etc/cron.allow onerr=succeed quiet auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session >>>> /etc/pam.d/cups auth include common-auth account include common-account >>>> /etc/pam.d/groupadd #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/groupdel #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/groupmod #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/init #%PAM-1.0 # # The PAM configuration file for /sbin/init # Used for updating the lastlog logging file # auth sufficient pam_rootok.so account include common-account session requisite pam_lastlog.so silent >>>> /etc/pam.d/login #%PAM-1.0 auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session #session optional pam_lastlog.so nowtmp showfailed session optional pam_mail.so standard >>>> /etc/pam.d/newusers #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/other #%PAM-1.0 auth required pam_warn.so auth required pam_deny.so account required pam_warn.so account required pam_deny.so password required pam_warn.so password required pam_deny.so session required pam_warn.so session required pam_deny.so >>>> /etc/pam.d/passwd #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/polkit-1 #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/ppp #%PAM-1.0 auth required pam_nologin.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/remote #%PAM-1.0 # This file is used by /bin/login in case of remote logins (means where # the -h option is used auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session session optional pam_lastlog.so nowtmp showfailed session optional pam_mail.so standard >>>> /etc/pam.d/samba #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/smtp #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/sshd #%PAM-1.0 auth requisite pam_nologin.so auth include common-auth account requisite pam_nologin.so account include common-account password include common-password session required pam_loginuid.so session include common-session session optional pam_lastlog.so silent noupdate showfailed >>>> /etc/pam.d/su #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account sufficient pam_rootok.so account include common-account password include common-password session include common-session session optional pam_xauth.so >>>> /etc/pam.d/sudo #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session # session optional pam_xauth.so >>>> /etc/pam.d/su-l #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account sufficient pam_rootok.so account include common-account password include common-password session include common-session session optional pam_xauth.so >>>> /etc/pam.d/useradd #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/userdel #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/usermod #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/vlock auth include common-auth account include common-account session include common-session password include common-password >>>> /etc/pam.d/vmtoolsd #%PAM-1.0 auth sufficient pam_unix2.so nullok auth sufficient pam_unix.so shadow nullok auth required pam_unix_auth.so shadow nullok account sufficient pam_unix2.so account sufficient pam_unix.so account required pam_unix_acct.so >>>> /etc/pam.d/xdm #%PAM-1.0 auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session >>>> /etc/pam.d/xdm-np #%PAM-1.0 auth required pam_permit.so account include common-account password include common-password session required pam_loginuid.so session include common-session ################################################### pam config on the server is this: ################################################### (for i in /etc/pam.d/* ; do printf "\n>>>> %s\n" "$i" ; cat "$i" ; done) >>>> /etc/pam.d/atd # # The PAM configuration file for the at daemon # # auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chage #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chfn #%PAM-1.0 # For chfn command auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/chsh #%PAM-1.0 # For chsh command auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/common-account #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Account-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the accountorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired. # account requisite pam_unix2.so account required pam_krb5.so use_first_pass ignore_unknown_principals >>>> /etc/pam.d/common-account.pam-config-backup # # /etc/pam.d/common-account - authorization settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired. # account required pam_unix2.so >>>> /etc/pam.d/common-account-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Account-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the accountorization modules that define # the central access policy for use on the system. The default is to # only deny service to users whose accounts are expired. # account requisite pam_unix2.so account required pam_krb5.so use_first_pass ignore_unknown_principals >>>> /etc/pam.d/common-auth #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Authentication-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth required pam_env.so auth optional pam_gnome_keyring.so auth sufficient pam_unix2.so auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so >>>> /etc/pam.d/common-auth.pam-config-backup # # /etc/pam.d/common-auth - authentication settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth required pam_env.so auth required pam_unix2.so >>>> /etc/pam.d/common-auth-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Authentication-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth required pam_env.so auth optional pam_gnome_keyring.so auth sufficient pam_unix2.so auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so >>>> /etc/pam.d/common-password #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. # password requisite pam_pwcheck.so nullok cracklib password optional pam_gnome_keyring.so use_authtok password [default=ignore success=1] pam_succeed_if.so uid > 999 quiet password sufficient pam_unix2.so use_authtok nullok password sufficient pam_krb5.so password required pam_deny.so >>>> /etc/pam.d/common-password.pam-config-backup # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. The default is pam_unix2 in combination # with pam_pwcheck. # The "nullok" option allows users to change an empty password, else # empty passwords are treated as locked accounts. # # To enable Blowfish or MD5 passwords, you should edit # /etc/default/passwd. # # Alternate strength checking for passwords should be configured # in /etc/security/pam_pwcheck.conf. # # pam_make can be used to rebuild NIS maps after password change. # password required pam_pwcheck.so nullok cracklib password required pam_unix2.so nullok use_authtok #password required pam_make.so /var/yp >>>> /etc/pam.d/common-password-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. # password requisite pam_pwcheck.so nullok cracklib password optional pam_gnome_keyring.so use_authtok password [default=ignore success=1] pam_succeed_if.so uid > 999 quiet password sufficient pam_unix2.so use_authtok nullok password sufficient pam_krb5.so password required pam_deny.so >>>> /etc/pam.d/common-session #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive # session required pam_limits.so session required pam_unix2.so session optional pam_apparmor.so session optional pam_krb5.so session optional pam_umask.so session optional pam_gnome_keyring.so auto_start only_if=gdm,lxdm >>>> /etc/pam.d/common-session.pam-config-backup # # /etc/pam.d/common-session - session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive). The default is pam_unix2. # session required pam_limits.so session required pam_unix2.so session optional pam_umask.so >>>> /etc/pam.d/common-session-pc #%PAM-1.0 # # This file is autogenerated by pam-config. All changes # will be overwritten. # # Session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive # session required pam_limits.so session required pam_unix2.so session optional pam_apparmor.so session optional pam_krb5.so session optional pam_umask.so session optional pam_gnome_keyring.so auto_start only_if=gdm,lxdm >>>> /etc/pam.d/crond # # The PAM configuration file for the cron daemon # # auth sufficient pam_rootok.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session >>>> /etc/pam.d/cups auth include common-auth account include common-account >>>> /etc/pam.d/init #%PAM-1.0 # # The PAM configuration file for /sbin/init # Used for updating the lastlog logging file # auth sufficient pam_rootok.so account include common-account session requisite pam_lastlog.so silent >>>> /etc/pam.d/login #%PAM-1.0 auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session session required pam_lastlog.so nowtmp session optional pam_mail.so standard session optional pam_ck_connector.so >>>> /etc/pam.d/login.old #%PAM-1.0 auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session session required pam_lastlog.so nowtmp session optional pam_mail.so standard session optional pam_ck_connector.so >>>> /etc/pam.d/other #%PAM-1.0 auth required pam_warn.so auth required pam_deny.so account required pam_warn.so account required pam_deny.so password required pam_warn.so password required pam_deny.so session required pam_warn.so session required pam_deny.so >>>> /etc/pam.d/passwd #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/polkit #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/polkit-1 #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/ppp #%PAM-1.0 auth required pam_nologin.so auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/remote #%PAM-1.0 # This file is used by /bin/login in case of remote logins (means where # the -h option is used auth requisite pam_nologin.so auth [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad] pam_securetty.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session session required pam_lastlog.so nowtmp session optional pam_mail.so standard >>>> /etc/pam.d/samba #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/shadow #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so #password required pam_make.so /var/yp password required pam_permit.so session required pam_deny.so >>>> /etc/pam.d/smtp #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/sshd #%PAM-1.0 auth requisite pam_nologin.so auth include common-auth account requisite pam_nologin.so account include common-account password include common-password session required pam_loginuid.so session include common-session >>>> /etc/pam.d/su #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account sufficient pam_rootok.so account include common-account password include common-password session include common-session session optional pam_xauth.so >>>> /etc/pam.d/sudo #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session # session optional pam_xauth.so >>>> /etc/pam.d/su-l #%PAM-1.0 auth sufficient pam_rootok.so auth include common-auth account sufficient pam_rootok.so account include common-account password include common-password session include common-session session optional pam_xauth.so >>>> /etc/pam.d/useradd #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account required pam_permit.so password required pam_permit.so session required pam_permit.so >>>> /etc/pam.d/vmware-authd #%PAM-1.0 auth include common-auth account include common-account password include common-password session include common-session >>>> /etc/pam.d/vsftpd #%PAM-1.0 # Uncomment this to achieve what used to be ftpd -A. # auth required pam_listfile.so item=user sense=allow file=/etc/ftpchroot onerr=fail auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed # Uncomment the following line for anonymous ftp. #auth sufficient pam_ftp.so auth required pam_shells.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session >>>> /etc/pam.d/xdm #%PAM-1.0 auth include common-auth account include common-account password include common-password session required pam_loginuid.so session include common-session >>>> /etc/pam.d/xdm-np #%PAM-1.0 auth required pam_permit.so account include common-account password include common-password session include common-session ################################################### Does that help? Olga On Wed, Mar 12, 2014 at 9:31 AM, Robert Wehn <[email protected]> wrote: > Am 12.03.2014 02:30, schrieb ольга крыжановская: >> Does anyone know how I can debug kerberos pam on Linux? We have a new >> krb5 server running on stock Suse 11.3 on which a user test001 is >> configured. Logging in into that local account works on the server and >> gives automagic a krb5 ticket. > I'm not sure how pam is configured in Suse Linux. > In Debian/Ubuntu i would look into > /etc/pam.d/auth-common (or the other auth modules there) > to see which modules are used and "requisite" "sufficient" "optional" ... > Maybe its all in one file like /etc/pam.conf in Suse ... > > "man pam.conf" for the details. > > What do you plan to do: > - Lock in with a local account and get a kerberos ticket in addition > (for the local user) > - have a password only in kerberos *or* locally on the machine >> However, on the client machine, which runs Suse 12.3, which uses the >> server as kdc, I do not get a krb5 ticket automagically if I ssh into >> it, while a later kinit gives me the desired ticket. > please provide the pam config files of server and client. > > Robert. > > -- > > Dr. Robert Wehn ........................ http://www.rz.uni-augsburg.de > Universität Augsburg, Rechenzentrum ............. Tel. (0821) 598-2047 > 86135 Augsburg .................................. Fax. (0821) 598-2028 > -- , _ _ , { \/`o;====- Olga Kryzhanovska -====;o`\/ } .----'-/`-/ [email protected] \-`\-'----. `'-..-| / http://twitter.com/fleyta \ |-..-'` /\/\ Solaris/BSD//C/C++ programmer /\/\ `--` `--` ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
