* g...@enjellic.com g...@enjellic.com [2009-05-12 10:18]:
The user uses the ~S command to initiate the sequence. The user is
prompted for a password which is used to obtain a TGT which is then
used to obtain a service ticket which is sent over the channel for
authentication. By enforcing a
* Christopher D. Clausen cclau...@acm.org [2009-05-07 16:43]:
pete...@bigfoot.com wrote:
Main reason for not setting NOPASSWD is because I don't have control
over the sudoers file on most of the systems I have access to. And
the SA's are very reluctant to use NOPASSWD.
Do you know about
Is there a version of sudo that supports Ticket Exchange?
ie. if I have valid TGT it will allow me to sudo without being prompted
for a password?
It appears there is a version that supports the use of Kerberos passwords,
but I'm looking for something that uses that TGT I already have.
: Sudo w/Ticket Support
Afaik that's not available yet (however, you could integrate it yourself).
But if you already obtained a TGT, why bother authenticating again? But not use
just use NOPASSWD.
Met vriendelijke groet
Best regards
Bien à vous
Miguel SANDERS
ArcelorMittal Gent
UNIX Systems
: donderdag 7 mei 2009 20:21
Aan: kerberos@mit.edu
Onderwerp: Sudo w/Ticket Support
Is there a version of sudo that supports Ticket Exchange?
ie. if I have valid TGT it will allow me to sudo without being prompted for a
password?
It appears there is a version that supports the use of Kerberos
On Thu, 7 May 2009, miguel.sand...@arcelormittal.com wrote:
Afaik that's not available yet (however, you could integrate it yourself).
bummer.
But if you already obtained a TGT, why bother authenticating again?
Because sudo prompts me. That's what I'm trying to avoid. I'd like sudo
to
pete...@bigfoot.com wrote:
Main reason for not setting NOPASSWD is because I don't have control
over the sudoers file on most of the systems I have access to. And
the SA's are very reluctant to use NOPASSWD.
Do you know about the ksu command?
Or using a ~root/.k5login and ssh -o
pete...@bigfoot.com writes:
I'd like sudo to look at my ticket cache, see that I already have a
valid TGT and give me access without being prompted for a password.
If it helps at all, this is what ksu does. It's more limited than sudo,
but it does have some facilities for letting people run