GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
LOGIN(8) FreeBSD System Manager's Manual LOGIN(8)

login.krb5 - kerberos enhanced login program

login.krb5 [-p] [-fFe username] [-r | -k | -K | -h hostname]

login.krb5 is a modification of the BSD login program which is used for two functions. It is the sub-process used by krlogind and telnetd to initiate a user session and it is a replacement for the command-line login program which, when invoked with a password, acquires Kerberos tickets for the user.

login.krb5 will prompt for a username, or take one on the command line, as login.krb5 username and will then prompt for a password. This password will be used to acquire Kerberos Version 5 tickets (if possible.) It will also attempt to run aklog to get AFS tokens for the user. The version 5 tickets will be tested against a local krb5.keytab if it is available, in order to verify the tickets, before letting the user in. However, if the password matches the entry in /etc/passwd the user will be unconditionally allowed (permitting use of the machine in case of network failure.)

-p
preserve the current environment
-r hostname
pass hostname to rlogind. Must be the last argument.
-h hostname
pass hostname to telnetd, etc. Must be the last argument.
-f name
Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root.
-F name
Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root.
-e name
Perform pre-authenticated, encrypted login. Must do term negotiation.

login.krb5 is also configured via krb5.conf using the login stanza. A collection of options dealing with initial authentication are provided:
krb5_get_tickets
Use password to get V5 tickets. Default value true.
krb_run_aklog
Attempt to run aklog. Default value false.
aklog_path
Where to find it [not yet implemented.] Default value $(prefix)/bin/aklog.
accept_passwd
Don't accept plaintext passwords [not yet implemented]. Default value false.

All diagnostic messages are returned on the connection or tty associated with stderr.

rlogind(8), rlogin(1), telnetd(8)

Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.