login.krb5
is a modification of the BSD login program which is used for two
functions. It is the sub-process used by krlogind and telnetd to
initiate a user session and it is a replacement for the command-line
login program which, when invoked with a password, acquires Kerberos
tickets for the user.
login.krb5
will prompt for a username, or take one on the command line, as
login.krb5 username
and will then prompt for a password. This password will be used to
acquire Kerberos Version 5 tickets (if possible.) It will also attempt
to run
aklog
to get AFS tokens for the user. The version 5 tickets will be
tested against a local
krb5.keytab
if it is available, in order to verify the tickets, before letting the
user in. However, if the password matches the entry in
/etc/passwd the user will be unconditionally allowed (permitting
use of the machine in case of network failure.)
OPTIONS
-p
preserve the current environment
-rhostname
pass hostname to rlogind. Must be the last argument.
-hhostname
pass hostname to telnetd, etc. Must be the last argument.