search for: user_xyz

...ation is for. Before compiling a more recent version of cifs-utils to get the 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If my observations were correct, it turns out: if you use it (together with 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You do either (username and) password-based authentication, or you use an existing kerberos cache for that. This was formerly acquired interactively via username/password, and that way you have something like a single sign-on. This is what works so far: 1. log in as th...

...mpiling a more recent version of cifs-utils to get the >> 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If my >> observations were correct, it turns out: if you use it (together with >> 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You >> do either (username and) password-based authentication, or you use an >> existing kerberos cache for that. This was formerly acquired interactively >> via username/password, and that way you have something like a single >> sign-on. >> &gt...

...ls to get the >>>> 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If >>>> my >>>> observations were correct, it turns out: if you use it (together with >>>> 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You >>>> do either (username and) password-based authentication, or you use an >>>> existing kerberos cache for that. This was formerly acquired >>>> interactively >>>> via username/password, and that way you have something lik...

...t; Before compiling a more recent version of cifs-utils to get the > 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If my > observations were correct, it turns out: if you use it (together with > 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You > do either (username and) password-based authentication, or you use an > existing kerberos cache for that. This was formerly acquired interactively > via username/password, and that way you have something like a single > sign-on. > > This is what works...

...sion of cifs-utils to get the >>> 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If >>> my >>> observations were correct, it turns out: if you use it (together with >>> 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You >>> do either (username and) password-based authentication, or you use an >>> existing kerberos cache for that. This was formerly acquired >>> interactively >>> via username/password, and that way you have something like a single >&...

...ls to get the >>>> 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If >>>> my >>>> observations were correct, it turns out: if you use it (together with >>>> 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You >>>> do either (username and) password-based authentication, or you use an >>>> existing kerberos cache for that. This was formerly acquired >>>> interactively >>>> via username/password, and that way you have something lik...

>> I mean, putting the key in the keytab looks like a security risk to me. > In what way does it appear any more of a risk than having the keys > which you have there already? Even if someone steals the keytab, > they're gonna be hard pressed to crack the key in the few hours before > the tgt expires. Do you have very sensitive data maybe? Ok. And maybe I misunderstood

...t;>> 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. > If > >>>> my > >>>> observations were correct, it turns out: if you use it (together with > >>>> 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. > You > >>>> do either (username and) password-based authentication, or you use an > >>>> existing kerberos cache for that. This was formerly acquired > >>>> interactively > >>>> via username/password, and that w...

...t;>>>> 'multiuser' option, I tested this 'sec=krb5' option more thoroughly. If >>>>> my >>>>> observations were correct, it turns out: if you use it (together with >>>>> 'cruid=12345'), you can't have 'username=user_xyz' as an option, too. You >>>>> do either (username and) password-based authentication, or you use an >>>>> existing kerberos cache for that. This was formerly acquired >>>>> interactively >>>>> via username/password, and that way you ha...