24 May
2013
24 May
'13
6:27 p.m.
Hi,
I didn't quite mean that: yes, that is 'passwordless' in a sense, but you still have to have typed a password into kinit fairly recently.
What I meant was that with 2.2 it's finally possible to set a list of krb5 principals for imap which is different from the list in .k5login. This makes it possible to create special-purpose principals, which can have their keys put in a keytab, which can then log on as an ordinary imap user.
perhaps I misunderstand you, but something like
kinit -k -t /path/to/keytab
authenticates w/o the need of typing a password.
Cheers Dirk