[OpenAFS-devel] How can I use rsh to connect with AFS
Charles Clancy
security@xauth.net
Mon, 14 Jan 2002 09:31:58 -0600 (CST)
> > > The problem is that rsh does not forward tickets/tokens so you don't
> > > have any AFS priviledges on the remote (server) machine.
> >
> > If you have issued forwardable krb5 tickets and a rsh that can forward
> > these tickets and a afslog program that can turn these forwarded
> > tickets into tokens on the target machine it works. I suppose you do
> > not have all of the above in place. The Heimdal krb5 package has
> > the building pieces to make this work.
>
> So does MIT Krb5, but it sounded like they were using KAServer...
Can't you just use the pam_afs.krb modules to keep your K4 TGT around,
forward that, and then use afslog? Works with SSH.
Also, I the inetd that comes with AFS automatically does token passing for
you. See "Using UNIX Remote Services in the AFS Environment" in the AFS
admin guide and AFS admin reference:
http://www.cs.rose-hulman.edu/docs/afs-doc/html/AdminGd/auagd007.htm#HDRWQ78
and
http://www.cs.rose-hulman.edu/docs/afs-doc/html/AdminRef/auarf179.htm#HDRINETD
--
t. charles clancy <> tclancy@uiuc.edu <> www.uiuc.edu/~tclancy