[OpenAFS] arg, ssh and afs was the subject
Derek Atkins
warlord@MIT.EDU
17 Jul 2001 10:55:28 -0400
In the long run it is much better for use Krb5 TGT passing because
that way you can use _other_ K5 services from your remote login.
-derek
"Charles Clancy" <mgrtcc@cs.rose-hulman.edu> writes:
> We have 2 cells. Our first cell is running K5 and uses pam-krb5 and
> pam-aklog. As far as I know, TGT passing is not possible. Our second
> cell is not kerberized. We use pam-afs.krb, OpenSSH K4 TGT passing, and
> pam-afslog. Someone right now is working on AFS token passing in the
> kerberized cell. In theory, you don't need to forward your TGT in order
> to forward your token. I'm not sure how successful they will be,
> however. The --with-afs flag assumes you are using K4, and
> --with-kerberos4. I'm not sure how it internally passes the AFS token
> -- whether it passes the TGT and gets a new token, or not.
> _________________________________________
> Charles Clancy, mgrtcc@cs.rose-hulman.edu
> sysadmin emeritus - RHIT Computer Science
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available