On Mon, Aug 04, 2003 at 03:22:27PM -0700, cody wang wrote: > if I have kerberos, I can just login one time for all the clients, am I I don't think so. I'm no LDAP/Kerberos guru but it's my understanding that if you log in on one machine it creates a ticket (in /tmp) that can be forwarded to other machines. It's almost a bit like public-key encryption, only the key times out. So, no, you have to enter your password on every machine you log on to. Think about it this way: if you log onto machine A and fred logs on to machine B he'd have your account, etc. if what you were asking were true. With kerberos the idea is that it's ``single sign-on'' so once you authenticate you no longer get prompted for remote services requested from that machine. i.e. when SSHing to other servers (that are configured to use Kerberos), POP, etc. Hope that's (correct) and some help, -lewiz. -- I was so much older then, I'm younger than that now. --Bob Dylan, 1964. ------------------------------------------------------------------------ -| msn:purple@lewiz.net | jab:lewiz@jabber.org | url:http://lewiz.net |-
Attachment:
pgpq3kueZaIo2.pgp
Description: PGP signature