Hi,
I have pam modules set to give my users a kerberos ticket at the console. When my users log in at the console with a smartcard (crypto card) they get a ticket good for 12 hours.
For Example:
judy@monterey ~]$ k5list Ticket cache: FILE:/tmp/krb5cc_2383_PNqXXX Default principal: judy@xxxxxxxx
Valid starting Expires Service principal 06/03/04 08:41:50 06/03/04 18:41:41 krbtgt/lanl.gov@xxxxxxxx 06/03/04 08:43:54 06/03/04 18:41:41 host/dyquem.lanl.gov@xxxxxxxx
When my users use screenlock and come back to unlock the screen with a smartcard, I would like them to get a kerberos ticket renewed for another 12 hours.
Do any of you have any experience with this?
Thanks,
Judy
--
Judy Hamilton L I N U X .~.
Los Alamos National Lab The Choice /V\
System Network Administrator of a GNU /( )\
Information System Security Officer Generation ^^_^^
Los Rios and Sierra LAN
office 505-665-8228
pager 104-6384_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
