1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-20 04:02:27 +00:00
freebsd-ports/security/krb5-16/files/README.FreeBSD
Cy Schubert 6108625cb9 In order to make the MIT KRB5 port compatible with FreeBSD, the port
now makes use of login.conf and login.access.  This is performed by
using FreeBSD login(1) instead of MIT KRB5 login.krb5(8).

The MIT KRB5 login.krb5(8) can still be used by specifying "-L" in
the klogind and telnetd arguments in inetd.conf.  This is documented
in a new file called README.FreeBSD.

Reviewed by:	nectar
2002-01-08 15:05:08 +00:00

33 lines
1.6 KiB
Plaintext

The MIT KRB5 port provides its own login program at
${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
the FreeBSD login.conf and login.access files that provide a means of
setting up and controlling sessions under FreeBSD. To overcome this,
the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
interactive login password authentication instead of the login.krb5
program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
not have support for Kerberos V password authentication,
e.g. authentication at the console. The pam_krb5 port must be used to
provide Kerberos V password authentication.
For more information about pam_krb5, please see pam(8) and pam_krb5(8).
If you wish to use login.krb5 that is provided by the MIT KRB5 port,
the arguments "-L ${PREFIX}/sbin/login.krb5" must be
specified as arguments to klogind and KRB5 telnetd, e.g.
klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
of the FreeBSD provided /usr/bin/login for local tty logins,
"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
default:\
:cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
:if=/etc/issue:\
:lo=${PREFIX}/sbin/login.krb5:
It is recommended that the FreeBSD /usr/bin/login be used with the
pam_krb5 port instead of the MIT KRB5 provided login.krb5.