[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kerberos tickets and one time passwords

On Fri, Feb 28, 2003 at 08:17:37AM +0100, Andreas Haupt wrote:
> for some reason we need a (telnet) login with one time passwords. The
> problem is, that you don't get a kerberos ticket with the telnet supplied
> with heimdal. Users have to do klog to work on their AFS home directories,
> so the clear password is transmitted over the network.
> I thought of modifying the telnetd source to let it automatically do a
> kinit. The keys of those users are stored in a keytab file on the telnet
> server. All I have to do is something like "kinit -k -t <keytab file>"
> after the user logged in properly with his one time password.

I wouldn't modify telnetd, login might be better.

Why not just modify the users login scripts though?
Brian May <bam@snoopy.apana.org.au>