[OpenAFS] MIT krb5 w/OpenAFS

[Sam Hartman]

>>>>> "John" == John Berninger <John_Berninger@ncsu.edu> writes:

    John> I've successfully gotten Krb5 and OpenAFS 1.0.4 to play
    John> together nicely, so I can give you some ideas on what I did,
    John> as well as what I found out when trying this.

    John>         First, the Kerberos realm name and AFS cell name
    John> must eb the same for what you're trying to do.  With Krb5,
    John> the realm name gets salted in as part of the key, and the
    John> AFS principle is based on the cell name, so they've got to
    John> be the same.  At least, I've never heard of anyone getting
    John> OAFS and Krb5 talking nicely with different realm and cell
    John> names - if this is incorrect, I'm sure someone will correct
    John> me.  :)

You can create /usr/afs/etc/krb.conf with your realm name in it, and
then create a key called afs/cell@REALM and that also works.