Hi all, Anyone around who succeeded in doing a kinit, based on the credentials locked into a smartcard. Obviously not an amateur endeavour, so any experience with any distro / any version ? Started today exploring, with absolute zero access to the kerberos server. I can do a kinit providing username@REALM, and after supplying PWD, i do see with klist my TGT Q1) Is it enough to configure krb5.conf on the client? One search tells me: PKCS11:[module_name=]modname[:slotid=slot-id][:token=token-label][:certid=cert-id][:certlabel=cert-label] While another tells me that I also should provide the certificate of the kerberos-server Initially I'll test from inside, so hardly any firewall issues. But I know for sure, I'll have to ask to tweak our firewall, when trying from outside. Q2) Should opening of TCP-port 88 be enough, or is that impossible to predict? (and before telling, yes, i know this is rather client/server-time-critical) Kind regards, Hans -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org