forked from Controls/gitea-pages
add another Kerberos use case to care about
This commit is contained in:
+2
-1
@@ -65,6 +65,7 @@ also the tickets therein.
|
||||
- ssh TGT (ticket granting ticket) delegation (with `GSSAPIDelegateCredentials yes`)
|
||||
- AFS authentication (`aklog`)
|
||||
- AFS administrative operations where the user switches to a separate admin principal (e.g. `buchel_k-adm`)
|
||||
- long running sessions with `nohup`, `tmux` and `screen`
|
||||
- local desktop: get new TGT on login
|
||||
- local desktop: TGT renewal after reauthentication on lock screen
|
||||
- remote desktop with NoMachine NX: get new TGT on login
|
||||
@@ -329,4 +330,4 @@ At the end we have a well known shared credential cache between Gnome and `syste
|
||||
With NoMachine NX this is configured similarly.
|
||||
|
||||
## PS
|
||||
There is an advanage in the broken `sssd-kcm` default cache selection: it forces us to make our stuff robust against KCM glitches, which might also occur with a better manager, just way less often and then it would be more harder to explain and to track down.
|
||||
There is an advantage in the broken `sssd-kcm` default cache selection: it forces us to make our stuff robust against KCM glitches, which might also occur with a better manager, just way less often and then it would be more harder to explain and to track down.
|
||||
|
||||
Reference in New Issue
Block a user