K5LOGIN(5) MIT Kerberos K5LOGIN(5)NAME
k5login - Kerberos V5 acl file for host access
DESCRIPTION
The .k5login file, which resides in a user's home directory, contains a list of the Kerberos principals. Anyone with valid tickets for a
principal in the file is allowed host access with the UID of the user in whose home directory the file resides. One common use is to place
a .k5login file in root's home directory, thereby granting system administrators remote root access to the host via Kerberos.
EXAMPLES
Suppose the user alice had a .k5login file in her home directory containing the following line:
bob@FOOBAR.ORG
This would allow bob to use Kerberos network applications, such as ssh(1), to access alice's account, using bob's Kerberos tickets.
Let us further suppose that alice is a system administrator. Alice and the other system administrators would have their principals in
root's .k5login file on each host:
alice@BLEEP.COM
joeadmin/root@BLEEP.COM
This would allow either system administrator to log in to these hosts using their Kerberos tickets instead of having to type the root pass-
word. Note that because bob retains the Kerberos tickets for his own principal, bob@FOOBAR.ORG, he would not have any of the privileges
that require alice's tickets, such as root access to any of the site's hosts, or the ability to change alice's password.
SEE ALSO kerberos(1)AUTHOR
MIT
COPYRIGHT
1985-2013, MIT
1.11.3K5LOGIN(5)
Check Out this Related Man Page
.K5LOGIN(5) File Formats Manual .K5LOGIN(5)NAME
.k5login - Kerberos V5 acl file for host access.
DESCRIPTION
The .k5login file, which resides in a user's home directory, contains a list of the Kerberos principals. Anyone with valid tickets for a
principal in the file is allowed host access with the UID of the user in whose home directory the file resides. One common use is to place
a .k5login file in root's home directory, thereby granting system administrators remote root access to the host via Kerberos.
EXAMPLES
Suppose the user "alice" had a .k5login file in her home directory containing the following line:
bob@FUBAR.ORG
This would allow "bob" to use any of the Kerberos network applications, such as telnet(1), rlogin(1), rsh(1), and rcp(1), to access alice's
account, using bob's Kerberos tickets.
Let us further suppose that "alice" is a system administrator. Alice and the other system administrators would have their principals in
root's .k5login file on each host:
alice@BLEEP.COM
joeadmin/root@BLEEP.COM
This would allow either system administrator to log in to these hosts using their Kerberos tickets instead of having to type the root pass-
word. Note that because "bob" retains the Kerberos tickets for his own principal, "bob@FUBAR.ORG", he would not have any of the privileges
that require alice's tickets, such as root access to any of the site's hosts, or the ability to change alice's password.
SEE ALSO telnet(1), rlogin(1), rsh(1), rcp(1), ksu(1), telnetd(8), klogind(8)
.K5LOGIN(5)
Hello
If you want a short description read my last thread!
I have no root access anymore. No remote access! By user access i get a programm started and when i close it, i got logged off!
So I guess I messed up the passwd file!
is there a chance of booting a unix system (SCO-UNIX UnixWare... (15 Replies)
We have several people that log in using root. What I need to do is have everyone to log in using there own account then su to root. How would I do this. We have aix 4.2 (5 Replies)
Hi, I've just managed to install openssh in my home directory on a server I have access to by using --prefix=$HOME/local after ./configure. Another thing I was having trouble with without root access was privilege separation, so I disabled that in my sshd_config. However, when I run... (10 Replies)
Hi!
i'm using FreeBSD 6.2 and hosting my pc to frens
in particular of sensitive information being saved to the PC, i would like to know is it possible for me to restrict user access to their /home dir. only?
and also, i wanted to restrict them listing files under /etc
thanks all! (10 Replies)
I am searching while I await a response to this so if it has been asked already I apologize.
I have a file with lines in it that look like:
bob johnson email@email.org
I need it to look like:
bob:johnson:email@email.org
I am trying to use sed like this:
sed -e 's/ /:/g' file >... (5 Replies)
I have file with this type of format
01.02.09 08:30
bob
jill
mark
01.04.09 07:00
bob
jill
mark
tom
I want to count the names after the date /ime line (01.02.09 08:30) and add that number after the time like this
01.02.09 08:30 3
01.04.09 07:00 4
I don't care about... (6 Replies)
I need a bash script that every day at 4 am verifys the home user directory for the next entrys
- Registers all user action in root/login/checl.log
- Excluds UID inferior then 500 and that home/dev/null
- Create's the the user home directory if it does not exist
- guarantees that the the home... (8 Replies)
Hi,
I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
I am using Ubuntu 10.10.
I want to access root home directory (~) through GUI and want access to its content. I login from administrator who is the only login user and have all rights for it. I can access the content through terminal but can't do it through GUI.
Remedy my problem (5 Replies)
Is it possible to switch to root(if allowed) and then with root privileges switch to another user account "ABC"? To further explain the scenario, ABC is an account which has sugroups=su2DEF and root is not part of su2DEF group. but, given that root can switch to any account(correct me if I am... (7 Replies)
HI i am trying to give su access to some users say X Y and Z to a account AB . I am able to give them su access to root with the help of sudoers file but i want to give them password less access to AB account which i am not able to do .
I want to this
when user X fires "su - AB" he is not... (9 Replies)
#!/bin/sh
for ip in $(cat /root/Desktop/ftp.txt)
do
HOST=$ip
USER='bob'
PASS='bob'
ftp -n $HOST <<EOF
user bob bob
EOF
echo "$ip"
done
the Above code i want to use check and verify login works on multiple ftp servers on my network. However the ftp servers are dynamic in setup... (5 Replies)
Hi All,
I have a root access for one of the server. But, when i try to cd one particular directory i will get the access denied message. Even though that particular directory is created under root. What would be the cause for this? I really wonder if any one have answer for my... (20 Replies)
Hi,
I know that
echo "bob alice robert alice" | awk '{print index($0,"alice")}'
5Will output the index of the first alice match, is there any way to get the index of all matches?, eg:
echo "bob alice robert alice" | awk 'unknown magic'
5:18Thanks for your time. (6 Replies)