ofranceschi; Greg Hudson; kerberos@mit.edu
> *Subject:* Re: Admin session expiry
>
> I did some experiments with admin session expiration. The sessions expires
> within around 6 minutes no matter what is set in max_life in kdc.conf.
> My guess is it is some hard coded value in KDC source
: Admin session expiry
I did some experiments with admin session expiration. The sessions expires
within around 6 minutes no matter what is set in max_life in kdc.conf.
My guess is it is some hard coded value in KDC source code determines the
expiry.
On Mon, Mar 11, 2019 at 11:55 AM Jeffrey
i Cai
> *Sent:* Monday, March 11, 2019 11:42
> *To:* Jeffrey Hutzelman
> *Cc:* John Devitofranceschi; Greg Hudson; kerberos@mit.edu
> *Subject:* Re: Admin session expiry
>
> Hi Jeffrey.
>
> I did some experiments with kadmin. It looks like by default, remote admin
>
To: Jeffrey Hutzelman
Cc: John Devitofranceschi; Greg Hudson; kerberos@mit.edu
Subject: Re: Admin session expiry
Hi Jeffrey.
I did some experiments with kadmin. It looks like by default, remote admin
sessions are authenticated with admin password. And in that case, the sessions
will never expired
imit the time these tickets are
> valid, and this the time during which it is possible to make admin requests.
>
>
> -- Jeff
>
>
> From: John Devitofranceschi
> Sent: Sunday, January 13, 2019 10:34
> To: Greg Hudson
> Cc: kerberos@mit.ed
From: John Devitofranceschi
Sent: Sunday, January 13, 2019 10:34
To: Greg Hudson
Cc: kerberos@mit.edu
Subject: Re: Admin session expiry
On Jan 13, 2019, at 1:49 AM, Greg Hudson wrote:
>
> On 1/11/19 11:08 AM, Yegui Cai wrote:
>> Any plan to add the capability
On Jan 13, 2019, at 1:49 AM, Greg Hudson wrote:
>
> On 1/11/19 11:08 AM, Yegui Cai wrote:
>> Any plan to add the capability of expiring admin sessions into a future
>> release?
>
> We can consider it, although it would come at a complexity cost in the
> network code. Can you describe why that
On 1/11/19 11:08 AM, Yegui Cai wrote:
> Any plan to add the capability of expiring admin sessions into a future
> release?
We can consider it, although it would come at a complexity cost in the
network code. Can you describe why that feature is important in your
deployment?
Hi Greg.
Any plan to add the capability of expiring admin sessions into a future
release?
Thanks!
Yegui
On Wed, Jan 2, 2019 at 11:30 AM Greg Hudson wrote:
> On 12/28/18 12:07 PM, Yegui Cai wrote:
> > Is there a way to configure KDC so that the admin session will expire if
> it
> > keeps
Thanks for the info.
On Wed, Jan 2, 2019 at 11:30 AM Greg Hudson wrote:
> On 12/28/18 12:07 PM, Yegui Cai wrote:
> > Is there a way to configure KDC so that the admin session will expire if
> it
> > keeps inactive for a period of time?
>
> There is not. However, if more than 45 connections are
On 12/28/18 12:07 PM, Yegui Cai wrote:
> Is there a way to configure KDC so that the admin session will expire if it
> keeps inactive for a period of time?
There is not. However, if more than 45 connections are active at one
time, kadmind will kick out the least recently used connection.
Hi all.
Is there a way to configure KDC so that the admin session will expire if it
keeps inactive for a period of time?
Thanks,
YC
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
12 matches
Mail list logo