[TUHS] YP / NIS / NIS+ / LDAP
Grant Taylor
gtaylor at tnetconsulting.net
Tue Nov 6 09:12:43 AEST 2018
On 11/05/2018 02:36 PM, Mantas Mikulėnas wrote:
> Sure, that's how the process of obtaining a TGT works in the first
> place. You send an AS-REQ packet with proof of password knowledge, you
> get an AS-REP with the TGT ticket back.
Thank you for confirming that such is possible.
> Not sure what part of the 'login' process you're referring to.
Vaguely ... /bin/login or the login prompt from SSH (which I /think/ is
independent of /bin/login.)
> * Credential verification? That's part of obtaining a TGT. You don't
> need a ticket to obtain the TGT – instead you submit proof that you know
> the password.
>
> * Retrieval of directory information (uid, gid, homedir)? The login
> process either uses its own "machine" credentials to do so, or just
> retrieves the information anonymously, depending on sysadmin's
> preference. (Or in the case of AD it's already stapled to the TGT to
> speed everything up.)
Thank you for explaining.
> Yes, that's exactly what happens. However, probably not for all of the
> same reasons as you imagine.
ACK
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20181105/dd6bd6b9/attachment.bin>
More information about the TUHS
mailing list