Add a no_prompt option to suppress the PAM module's prompt for the
user's password and defer all prompting to the Kerberos library. This
allows the Kerberos library to have complete control of the prompting
- process, which may be desireable if authentication mechanisms other
+ process, which may be desirable if authentication mechanisms other
than password are in use. Be aware that, with this option set, the
PAM module has no control over the contents of the prompt and cannot
store the user's password in the PAM data. Based on a patch by Yair
/*
* Set options for PKINIT. Only used with MIT Kerberos; Heimdal's
- * implementatin of PKINIT uses a separate API instead of setting
+ * implementation of PKINIT uses a separate API instead of setting
* get_init_creds options.
*/
#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PA
goto done;
}
- /* Detroy the temporary cache and put the new cache in the context. */
+ /* Destroy the temporary cache and put the new cache in the context. */
krb5_cc_destroy(ctx->context, ctx->cache);
ctx->cache = cache;
cache = NULL;
pkinit-cert
- Certificate and private key (concatinated together) for PKINIT
+ Certificate and private key (concatenated together) for PKINIT
authentication for the user listed in the pkinit-principal file.
Optional; PKINIT checks will be skipped if this file isn't present.