k5login(SFF)


k5login -- access control file for secure TCP/IP utilities and authenticated login

Format

   Principal_1	
   Principal_2	
   ...

Description

k5login provides access control for the SCO Secure TCP/IP Utilities, such as telnet, rlogin, ftp, rcmd, and rcp. By placing a principal name in the .k5login file, a user gives that principal the right to access the account without a password using secure ftp, rcmd, rcp, rlogin, or telnet. The functionality of the .k5login file resembles the functionality of the .rhosts file (see rhosts(SFF)).

The .k5login file must not have write permission for group and other. Only the owner may have write permission on this file. The owner must be either root or the user whose account is associated with $HOME. The .k5login file must be readable by root on the filesystem where it resides.

Examples

   zeus@kerberos.sco.com
   /.../kerberos.sco.com/cell_admin
   nakamura
All three principal names above are acceptable, assuming they exist in the local Security registry. The entry for nakamura is locally qualified, so it is assumed that the default realm is kerberos.sco.com (see krb.conf(SFF)).

Both the DCE and Kerberos syntax for principal names are accepted, as well as local-realm-qualified names. For portability, users may wish to use only the user@realm_name format (Kerberos Version 5).

Files


$HOME/.k5login
pathname of .k5login

See also

krb.conf(SFF)

Standards conformance

k5login is not part of any currently supported standard. It is an extension of AT&T UNIX System V provided by The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005