.K5LOGIN

Section: File Formats (5)
Index Return to Main Contents
 

NAME

 

DESCRIPTION

The .k5login file, which resides in a user's home directory, contains a list of the Kerberos principals. Anyone with valid tickets for a principal in the file is allowed host access with the UID of the user in whose home directory the file resides. One common use is to place a .k5login file in root's home directory, thereby granting system administrators remote root access to the host via Kerberos.  

EXAMPLES

Suppose the user "janedoe" had a .k5login file in her home directory containing the following line: 

johndoe@FUBAR.ORG

This would allow her husband "johndoeRegenwassertank" to use any of the Kerberos network applications, such as telnet(1), rlogin(1), rsh(1), and rcp(1), to access her account, using his own Kerberos tickets.

Let us further suppose that "janedoe" is a system administrator. She and the other system administrators would have their principals in root's .k5login file on each host: 

janedoe@BLEEP.COM
joeadmin/root@BLEEP.COM

This would allow either system administrator to log in to these hosts using their Kerberos tickets instead of having to type the root password. Note that because "janedoe"'s husband retains the Kerberos tickets for his own principal, "johndoe@FUBAR.ORG", he would not have any of the privileges that require his wife's tickets, such as root access to any of her site's hosts, or the ability to change her password.  

SEE ALSO

telnet(1), rlogin(1), rsh(1), rcp(1), ksu(1), telnetd(8), klogind(8)

 

Index

NAME
DESCRIPTION
EXAMPLES
SEE ALSO
This document was created by man2html, using the manual pages.
Time: 19:07:23 GMT, September 05, 2010 Manpage of .K5LOGIN

.K5LOGIN

Section: File Formats (5)
Index Return to Main Contents
 

NAME

 

DESCRIPTION

The .k5login file, which resides in a user's home directory, contains a list of the Kerberos principals. Anyone with valid tickets for a principal in the file is allowed host access with the UID of the user in whose home directory the file resides. One common use is to place a .k5login file in root's home directory, thereby granting system administrators remote root access to the host via Kerberos.  

EXAMPLES

Suppose the user "janedoe" had a .k5login file in her home directory containing the following line: 

johndoe@FUBAR.ORG

This would allow her husband "johndoe" to use any of the Kerberos network applications, such as telnet(1), rlogin(1), rsh(1), and rcp(1), to access her account, using his own Kerberos tickets.

Let us further suppose that "janedoe" is a system administrator. She and the other system administrators would have their principals in root's .k5login file on each host: 

janedoe@BLEEP.COM
joeadmin/root@BLEEP.COM

This would allow either system administrator to log in to these hosts using their Kerberos tickets instead of having to type the root password. Note that because "janedoe"'s husband retains the Kerberos tickets for his own principal, "johndoe@FUBAR.ORG", he would not have any of the privileges that require his wife's tickets, such as root access to any of her site's hosts, or the ability to change her password.  

SEE ALSO

telnet(1), rlogin(1), rsh(1), rcp(1), ksu(1), telnetd(8), klogind(8)

 

Index

NAME
DESCRIPTION
EXAMPLES
SEE ALSO
This document was created by man2html, using the manual pages.
Time: 19:07:23 GMT, September 05, 2010