[OpenAFS] password-less login via OpenSSH with OpenAFS home
dir...
Rudolph T Maceyko
rtm@cert.org
Fri, 12 Oct 2001 14:07:30 -0400
I do it the other way: I give "l" access on ~/.ssh and "rl" on
~/.ssh/public. Then authorized_keys{,2} -> public/authorized_keys{,2}.
Same for environment if you need that.
FYI,
-Rudy
--On Friday, October 12, 2001 13:40:35 -0400 Jim Rees <rees@umich.edu>
wrote:
> So here is the question: how to allow for SSH password-less login
> (possibly getting the token, too, otherwise it would be
> useless...) with user's home dirs on AFS?
>
> This should be obvious, but it comes up a lot, so...
>
> % cd
> % fs la
> Access list for . is
> Normal rights:
> system:anyuser l
> rees rlidwka
> % cd ~/.ssh
> % fs la
> Access list for . is
> Normal rights:
> system:anyuser rl
> rees rlidwka
> % ls -l
> total 5
> -rw-r--r-- 1 rees wheel 333 Feb 8 1999 authorized_keys
> lrwxr-xr-x 1 rees wheel 14 Jan 1 1999 config -> private/config
> -rw-r--r-- 1 rees wheel 31 Jan 1 1999 environment
> lrwxr-xr-x 1 rees wheel 16 Mar 7 1997 identity ->
> private/identity -rw-r--r-- 1 rees wheel 333 Feb 8 1999
> identity.pub
> lrwxr-xr-x 1 rees wheel 19 Mar 7 1997 known_hosts ->
> private/known_hosts drwxr-xr-x 2 rees wheel 2048 Sep 27 11:43
> private
> lrwxr-xr-x 1 rees wheel 19 Mar 7 1997 random_seed ->
> private/random_seed % fs la private
> Access list for private is
> Normal rights:
> rees rlidwka