[OpenAFS-devel] How can I use rsh to connect with AFS
Derek Atkins
warlord@MIT.EDU
14 Jan 2002 11:15:30 -0500
OpenAFS doesn't build the r* or inetd by default...
-derek
Charles Clancy <security@xauth.net> writes:
> > > > The problem is that rsh does not forward tickets/tokens so you don't
> > > > have any AFS priviledges on the remote (server) machine.
> > >
> > > If you have issued forwardable krb5 tickets and a rsh that can forward
> > > these tickets and a afslog program that can turn these forwarded
> > > tickets into tokens on the target machine it works. I suppose you do
> > > not have all of the above in place. The Heimdal krb5 package has
> > > the building pieces to make this work.
> >
> > So does MIT Krb5, but it sounded like they were using KAServer...
>
> Can't you just use the pam_afs.krb modules to keep your K4 TGT around,
> forward that, and then use afslog? Works with SSH.
>
> Also, I the inetd that comes with AFS automatically does token passing for
> you. See "Using UNIX Remote Services in the AFS Environment" in the AFS
> admin guide and AFS admin reference:
>
> http://www.cs.rose-hulman.edu/docs/afs-doc/html/AdminGd/auagd007.htm#HDRWQ78
> and
> http://www.cs.rose-hulman.edu/docs/afs-doc/html/AdminRef/auarf179.htm#HDRINETD
>
> --
> t. charles clancy <> tclancy@uiuc.edu <> www.uiuc.edu/~tclancy
>
>
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available