Lifetime of Kerberos tickets

后端未结

关注

 2  1502

说谎 2020-12-23 11:59

I have started with configuring kerberos.

Can anyone explain the ticket lifetime and renew lifetime we set in the krb5.conf file.

ticket_lifetime = 2


      
      
        
          2条回答        

        
                    
            
            
                         
                
              
              
                
                   忘掉有多难
                                             
                
                
                (楼主)
            
              
              
                2020-12-23 12:07
              

            
            
                        
There are two part of this one is ticket max life which is by default 1 day as det in /etc/krb5.conf file. Now when we create any principal its ticket maxlife is same as that of the krb5.conf ticket_lifetime. If we can to change the ticket life time for the user then give the command modprinc -maxlife "10 hrs" username.

Finally while generating the ticket we can set the life of that ticket. give the ticket life with kinit.

So there are three life. 


kerberos ticket life time
principal max ticket life time which will be less than or equal to kerberos life time.
kinit life time which is less that or equal to principal ticket life time.

    
             
                                                        
            
            
              
                
                0
              
                   
                
               讨论(0)
              
                                                  
              
              
                          
             
       
          
              
                                       
     查看其它2个回答


            
                         
                    


               
            
    发布评论:
    
         
                        
    
    提交评论 
  
  

                    
                    
                    
                        
                        
                         加载中...
                        
                    
                
          
                              			
        
        
        
          
            
            
              
              
            
    


                                 
              
            
                          
    

        
         
                验证码
                
                  
                
                
                   看不清?
                
              
                                  
                    
   
                 
             
              提交回复