[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RedHat's pam_krb5 port for Heimdal

To: heimdal-discuss@sics.se
Subject: RedHat's pam_krb5 port for Heimdal
From: Balazs GAL <balsa@rit.bme.hu>
Date: 06 Jun 2002 10:49:50 +0200
Sender: owner-heimdal-discuss@sics.se

Hello!

I wrote the heimdal port for RedHat's pam_krb5.
I think Nalin Dahyabhai's pam_krb5 is best available 
pam_krb5 module at this time.
Thanks Nalim!

It's now able to get krb5 tgt,
convert krb5 tgt to krb4 tgt (krb524),
get afs tokens with krb5_afslog,
optinal native kth-krb4 ticket grabing,
and I wrote a new code which is usefull e.g at ssh with token
forwarding. It try to use and convert the forwarded krb5 tgt
to krb4 tgt and to afs tokens.
It is now in beta status.

Now we have little problem with "how to setting the timeouts for
heimdal."

MIT krb5 use 3 timeout variables:
extern int krb5_max_skdc_timeout;
extern int krb5_skdc_timeout_shift;
extern int krb5_skdc_timeout_1;

max_timeout          The maximum amount of time to wait for a response
                        from the KDCs, in seconds
timeout_shift        The amount to increase the timeout (by left
                        shifting) by after each failed request
initial_timeout      The time to wait for the first KDC to respond, in
                        seconds

It seems that with heimdal we can control the timeouts "only" with
one variable with context->kdc_timeout.
It is true?

Thanks

balsa

Follow-Ups:
- Re: RedHat's pam_krb5 port for Heimdal
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: small fix for kpasswd...
Next by Date: Re: RedHat's pam_krb5 port for Heimdal
Prev by thread: Re: small fix for kpasswd...
Next by thread: Re: RedHat's pam_krb5 port for Heimdal
Index(es):
- Date
- Thread