Hi everyone
Short: Is there a way to check how long the cached credentials of a specific user are still valid?
Somewhat longer:
When I'm offline and I log in with cached credentials, it says something like "Authenticated with cached credentials, your cached password will expire at: XYZ".
Unfortunately,
# sssctl user-show <wid>
doesn't show this information...
I've checked with the cache file in /var/lib/sss/db/cache_<domain>.ldb. The relevant field is probably the "lastOnlineAuth" field, or the "lastLogin" field. Is there a way to instruct SSSD to reveal those fields to a user process without doing a full authentication?
Thanks & Regards
--David Wittwer
Won't `klist` do it? --- Francis Augusto Medeiros-Logeay Oslo, Norway
On 2022-05-11 16:23, David Wittwer wrote:
Hi everyone
Short: Is there a way to check how long the cached credentials of a specific user are still valid?
Somewhat longer:
When I'm offline and I log in with cached credentials, it says something like "Authenticated with cached credentials, your cached password will expire at: XYZ".
Unfortunately,
# sssctl user-show <wid>
doesn't show this information...
I've checked with the cache file in /var/lib/sss/db/cache_<domain>.ldb. The relevant field is probably the "lastOnlineAuth" field, or the "lastLogin" field. Is there a way to instruct SSSD to reveal those fields to a user process without doing a full authentication?
Thanks & Regards
--David Wittwer
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Sorry, wrong list, I thought this was a kerberos question, and I sent the answer too quickly...
--- Francis Augusto Medeiros-Logeay Oslo, Norway
On 2022-05-11 20:19, Francis Augusto Medeiros-Logeay wrote:
Won't `klist` do it?
Francis Augusto Medeiros-Logeay Oslo, Norway
On 2022-05-11 16:23, David Wittwer wrote:
Hi everyone
Short: Is there a way to check how long the cached credentials of a specific user are still valid?
Somewhat longer:
When I'm offline and I log in with cached credentials, it says something like "Authenticated with cached credentials, your cached password will expire at: XYZ".
Unfortunately,
# sssctl user-show <wid>
doesn't show this information...
I've checked with the cache file in /var/lib/sss/db/cache_<domain>.ldb. The relevant field is probably the "lastOnlineAuth" field, or the "lastLogin" field. Is there a way to instruct SSSD to reveal those fields to a user process without doing a full authentication?
Thanks & Regards
--David Wittwer
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
sssd-users@lists.fedorahosted.org
-
David Wittwer -
Francis Augusto Medeiros-Logeay