[OpenAFS-devel] token passing in modern ssh?

[Jeffrey Hutzelman]

On Saturday, December 11, 2004 13:34:26 -0500 Jim Rees <rees@umich.edu> 
wrote:

> Does anyone have patches to re-enable afs token passing in modern OpenAFS
> using protocol 2?
>
> I'm not crazy about token passing but I can't think of any other way to
> get all my tokens on the remote machine without using cross-realm
> authentication.  Any other suggestions?

Probably not.  The supported way of doing this is to use cross-realm krb5 
authentication using the 'gssapi-with-mic' mechanism, forward tickets at 
that time, and use the forwarded tickets to obtain tokens.

There is not currently any mechanism defined that will allow forwarding of 
credentials or AFS tokens other than as a side-effect of GSSAPI 
authentication.

-- Jeff