renewing of kerbero ticket at screenlock
Judy Hamilton
judy at lanl.gov
Thu Jun 3 15:44:48 UTC 2004
Hi,
I have pam modules set to give my users a kerberos ticket at the
console. When my users log in at the console with a smartcard (crypto
card) they get a ticket good for 12 hours.
For Example:
judy at monterey ~]$ k5list
Ticket cache: FILE:/tmp/krb5cc_2383_PNqXXX
Default principal: judy at lanl.gov
Valid starting Expires Service principal
06/03/04 08:41:50 06/03/04 18:41:41 krbtgt/lanl.gov at lanl.gov
06/03/04 08:43:54 06/03/04 18:41:41 host/dyquem.lanl.gov at lanl.gov
When my users use screenlock and come back to unlock the screen with a
smartcard, I would like them to get a kerberos ticket renewed for
another 12 hours.
Do any of you have any experience with this?
Thanks,
Judy
--
Judy Hamilton L I N U X .~.
Los Alamos National Lab The Choice /V\
System Network Administrator of a GNU /( )\
Information System Security Officer Generation ^^_^^
Los Rios and Sierra LAN
office 505-665-8228
pager 104-6384
More information about the Pam-list
mailing list