We are using KERBEROS for our user logins, and it works great ... except that we are not fully benefiting from single-sign-on possibilities. For example, if a user wants to wants to read his e-mail, he has to re-enter his password to have access to the IMAP server (internal server in the same domain and realm). Or when he does SSH to another workstation, he also has to re-enter his password (or use public key authentication). Is there any way to set up PAM so that IMAP and SSH respect the user's KERBEROS certificate? -- Stefan Christians _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
