[OpenAFS] Home directory in AFS
Turbo Fredriksson
turbo@bayour.com
19 Apr 2002 16:17:01 +0200
>>>>> "Derek" == Derek T Yarnell <derek@cs.umd.edu> writes:
Derek> First of all, thank you Turbo for the LDAPv3 howto you have
Derek> been writing, it has been very helpful. However I am still
Derek> having a bit of a problem getting it all to work, so I may
Derek> email you with some questions.
Thanx. OpenAFS is next on the agenda, I just have to learn more before
I start 'bragging' in public :)
Derek> Second as for the RSA ssh-ing, I am guessing you mean the
Derek> DSA/RSA hosts authenitcation with
Derek> ~/.ssh/authorized_keys{1,2} functionality?
Those are the ones.
Derek> This would be a case I thought for the Forwardable Tickets
Derek> in Krb5 and ssh. Supposedly openssh with the gssapi
Derek> patches should be able to forward your tickets.
Derek> http://www.sxw.org.uk/computing/patches/openssh.html
I'm already using that patch on both the client and the server machine(s).
The problem is that SSHd seems to need my password, to be able to ask the
KDC for the ticket (I think). Granted, i mostly use pam_krb5, and THAT can't
get a ticket if I'm using the RSA key. Thing is, I can't always rely on the
client SSH to have the GSSAPI stuff compiled in. Mostly this is because of
any Win clients I'm forced to use on work etc (and that my users are using,
not all my users have seen the light :).
--
Nazi smuggle subway Iran genetic NSA Ft. Meade Treasury spy Delta
Force counter-intelligence terrorist Semtex quiche attack
[See http://www.aclu.org/echelonwatch/index.html for more about this]