[OpenAFS] Kerberos V integration?

[seph]

Derek Atkins <warlord@MIT.EDU> writes:

> The key points:
> 
> 1) create a the afs/<cell>@REALM service-key entry in your KDC.  Make
>    sure you _ONLY_ have a des-cbc-crc keytype.
> 
> 2) extract a keytab for afs/<cell>@REALM -- Make sure that you use
>    "-e des-cbc-crc" so that you only get a 1-des keytype.
> 
> 3) run asetkey to copy from the keytab to the AFS KeyFile.
> 
> 4) setup AFS like normal (except without the kaserver piece).

One additional point that might bite you. If your cell name is not the
same as your kerberos realm, you'll need to tell the afs server what
realm the cell is in. stick the realm name into .../server/krb.conf

seph