On Sun, 2003-08-24 at 11:21, Steve Langasek wrote: > On Sun, Aug 24, 2003 at 11:19:22AM +0900, Christians, Stefan Mr. wrote: > > We are using KERBEROS for our user logins, and it works great ... except > > that we are not fully benefiting from single-sign-on possibilities. > > > For example, if a user wants to wants to read his e-mail, he has to > > re-enter his password to have access to the IMAP server (internal server > > in the same domain and realm). > > > Or when he does SSH to another workstation, he also has to re-enter his > > password (or use public key authentication). > > > Is there any way to set up PAM so that IMAP and SSH respect the user's > > KERBEROS certificate? > > No. Install Kerberos-enabled imap and ssh servers, and use > Kerberos-aware clients. Now that was a fast reply. Thanks. So may I conclude that stock IMAP and openSSH as well as Ximian Evolution distributed with RH8 and RH9 are not Kerberos-aware? -- Stefan Christians _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
