From: djm Date: Mon, 8 Mar 2004 12:13:15 +0000 (+0000) Subject: - dtucker@cvs.openbsd.org 2004/03/08 10:18:57 X-Git-Tag: V_3_8_1_P1~36 X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/commitdiff_plain/24f378105b99205f86eb0f227fa445546fab4bf9 - dtucker@cvs.openbsd.org 2004/03/08 10:18:57 [sshd_config.5] Document KerberosGetAFSToken; ok markus@ --- diff --git a/ChangeLog b/ChangeLog index 0907dc55..e80159f9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -27,6 +27,9 @@ [ssh-keyscan.c] explicitly initialise remote_major and remote_minor. from cjwatson AT debian.org; ok markus@ + - dtucker@cvs.openbsd.org 2004/03/08 10:18:57 + [sshd_config.5] + Document KerberosGetAFSToken; ok markus@ 20040307 - (tim) [regress/login-timeout.sh] fix building outside of source tree. diff --git a/sshd_config.5 b/sshd_config.5 index 41228248..a8c86577 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.28 2004/02/17 19:35:21 jmc Exp $ +.\" $OpenBSD: sshd_config.5,v 1.29 2004/03/08 10:18:57 dtucker Exp $ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -300,6 +300,11 @@ To use this option, the server needs a Kerberos servtab which allows the verification of the KDC's identity. Default is .Dq no . +.It Cm KerberosGetAFSToken +If AFS is active and the user has a Kerberos 5 TGT, attempt to aquire +an AFS token before accessing the user's home directory. +Default is +.Dq no . .It Cm KerberosOrLocalPasswd If set then if password authentication through Kerberos fails then the password will be validated via any additional local mechanism