[sudo-users] Sudo and kerberos's ticket

JR Aquino JR.Aquino at citrix.com
Fri Apr 8 11:29:52 EDT 2011


On Apr 8, 2011, at 8:05 AM, "Stefano Elmopi" <stefano.elmopi at sociale.it> wrote:

> 
> 
> Hi,
> 
> I'm setting up a centralized Kerberos/LDAP authentication system and trying to get sudo to use 
> Kerberos's ticket, without asking for password when I use it, typing the password, everything works.
> I enter into the server with the Kerberos's ticket and I wish that when I type the commands
> permitted by the sudo, sudo use Kerberos's ticket.
> Is it possible ??
> My SO is CentOS release 5.5 and Sudo version 1.7.2p1 and is the default package of the distribution.

To the best of my knowledge, you need to manually set this option at compile time. I don't believe it's setup by default in the rpm.

Also, if you are trying to centralize Ldap/Kerberos and Sudo, I might suggest looking at http://freeipa.org (Identity, Policy, Audit)

It provides a framework method for administering ldap, Kerberos, and Sudo both with cli and webui.

~~~~~~~~~~~~~~~~~~~~~~
Jr Aquino
Info. Security Specialist
Citrix Online
Jr.Aquino at citrixonline.com
805.690.3478
GCIH, CCNA


More information about the sudo-users mailing list