/etc/krb5.conf
/etc/krb5.keytab
<username>
is the username of a user with Kerberos admin privileges (you know if you have them), and <FQDN>
is the fully qualified name of a host, for example ras1.csl.tjhsst.edu
.pam_krb5
and sssd
to control logins. On Ubuntu systems, we modify /etc/pam.d/common-auth
. On Arch/Gentoo/other systems, we modify /etc/pam.d/system-auth
.pam_permit
as defined in the success
parameter./etc/pam.d/common-password
or the root password
directive module:pam_krb5.so
session module. Add this to /etc/pam.d/common-session
on Ubuntu, or /etc/pam.d/system-auth
or whatever has the root session
directives on other systems:/root/.k5login
/etc/ssh/sshd_config
/etc/ssh/sshd_config
and restart sshd
:ksu
access to two systems to ksu
or kinit
on one and then ssh as root to the other system without requiring a password./etc/krb5.conf
/etc/krb5.keytab
/etc/inetd.conf