[login]
Each tag in the [login] section of the file is an option for
login.krb5.  This section may contain any of the following relations:
     
- krb5_get_tickets
     
- Indicate whether or not to use a user's password to get V5 tickets. 
The default value is true.
     
- krb4_get_tickets
     
- Indicate whether or not to user a user's password to get V4 tickets. 
The default value is false.
     
- krb4_convert
     
- Indicate whether or not to use the Kerberos conversion daemon to get V4
tickets.  The default value is false.  If this is
set to false and krb4_get_tickets is true, then login will get the V5
tickets directly using the Kerberos V4 protocol directly.  This does
not currently work with non-MIT-V4 salt types (such as the AFS3 salt
type).  Note that if this is set to true and krb524d is not running,
login will hang for approximately a minute under Solaris, due to a
Solaris socket emulation bug.
     
- krb_run_aklog
     
- Indicate whether or not to run aklog.  The default value is
false.
     
- aklog_path
     
- Indicate where to find aklog.  The default value is
$(prefix)/bin/aklog.
     
- accept_passwd
     
- A true value will cause login not to accept plaintext passwords.  The
default value is false.  This is not yet
implemented.