diff options
| author | Sumit Bose <sbose@redhat.com> | 2009-11-11 14:16:41 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-11-20 11:18:49 -0500 |
| commit | 9c49fb9a7cb6aa87a7bce1865887d6e4f78ce5fd (patch) | |
| tree | 01eab02d15e4689f6df79dbe7b95d699987ce43b /server/man | |
| parent | eb78b771fe2beefef84295673e36eb3fbb11730a (diff) | |
| download | sssd-9c49fb9a7cb6aa87a7bce1865887d6e4f78ce5fd.tar.gz sssd-9c49fb9a7cb6aa87a7bce1865887d6e4f78ce5fd.tar.xz sssd-9c49fb9a7cb6aa87a7bce1865887d6e4f78ce5fd.zip | |
Validate Kerberos credentials with local keytab
Diffstat (limited to 'server/man')
| -rw-r--r-- | server/man/sssd-ipa.5.xml | 17 | ||||
| -rw-r--r-- | server/man/sssd-krb5.5.xml | 25 |
2 files changed, 42 insertions, 0 deletions
diff --git a/server/man/sssd-ipa.5.xml b/server/man/sssd-ipa.5.xml index 31ce824a8..2751591f3 100644 --- a/server/man/sssd-ipa.5.xml +++ b/server/man/sssd-ipa.5.xml @@ -94,6 +94,23 @@ </listitem> </varlistentry> + <varlistentry> + <term>krb5_validate (boolean)</term> + <listitem> + <para> + Verify with the help of krb5_keytab that the TGT + obtained has not been spoofed. + </para> + <para> + Default: true + </para> + <para> + Please note that this default differs from the + traditional kerberos provider backend. + </para> + </listitem> + </varlistentry> + </variablelist> </para> </refsect1> diff --git a/server/man/sssd-krb5.5.xml b/server/man/sssd-krb5.5.xml index 1f86b49cb..1ca283142 100644 --- a/server/man/sssd-krb5.5.xml +++ b/server/man/sssd-krb5.5.xml @@ -178,6 +178,31 @@ </listitem> </varlistentry> + <varlistentry> + <term>krb5_validate (boolean)</term> + <listitem> + <para> + Verify with the help of krb5_keytab that the TGT obtained has not been spoofed. + </para> + <para> + Default: false + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>krb5_keytab (string)</term> + <listitem> + <para> + The location of the keytab to use when validating + credentials obtained from KDCs. + </para> + <para> + Default: /etc/krb5.keytab + </para> + </listitem> + </varlistentry> + </variablelist> </para> </refsect1> |