[OpenAFS] Kerberos Authentication with OpenAFS.

Derek Atkins openafs-info@openafs.org
10 May 2002 21:55:52 -0400

You will need:
        afs/<cell>@REALM in kerberos, with a des-cbc-crc key only
        aklog and asetkey (from the krb5-afs migration kit)

Extract your des-cbc-crc key into a keytab, use asetkey to create
the KeyFile, then use kinit/aklog to get AFS tokens (in lieu of
klog).  You will NOT need kaserver.


David Fulton <dfulton25@attbi.com> writes:

> What is the procedure for using Open AFS with an existing Kerberos
> Installation. I am currently running Sun Enterprise Authentication
> Mechanisim (Otherwise known as Kerberos 5) and am not quite sure what
> to do about getting AFS to use it instead of the builtin stuff. Also,
> I have a Win98 machine and can get tickets from it and a UNIX server
> can telnet -x and get encrypted connections. This supposedly means
> that Kerberos is set up properly. I am assuming it is just a matter of
> adding the right pricipal for the server to Kerberos and changing some
> of the binaries. Please let me know if I should beware of anything
> else. Also, what is the principal name I should use for the AFS server
> in Kerberos.
> Thanks in advance,
>     David Fulton
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available