[OpenAFS-devel] Krb5-only and KeyFile?
Troy Benjegerdes
hozer@hozed.org
Sun, 5 Jun 2005 13:22:18 -0500
On Sun, Jun 05, 2005 at 12:08:35PM -0400, Jeffrey Altman wrote:
> Troy Benjegerdes wrote:
>
> > This seems to keep getting discussed. Does anyone have a roadmap of what
> > needs to be done to get to full native Krb5 support, and doing away with
> > a dependence on des keys?
>
> Full krb5 support is available to you now. The only restriction is
> that you must use a DES key for the AFS service principal.
So is there an aklog (or something like it) that does not require running
krb524d? I know of gssklog, but that needs to have gssklogd running
someplace. Are user/admin type AFS names supported by default by
the ptserver? (as opposed to 'user.admin')
>
> The ability to use non-DES keys will be implemented as part of the rxgk
> work.