[OpenAFS] Kerberos Authentication with OpenAFS.
Derek Atkins
openafs-info@openafs.org
10 May 2002 21:55:52 -0400
You will need:
afs/<cell>@REALM in kerberos, with a des-cbc-crc key only
krb524d
aklog and asetkey (from the krb5-afs migration kit)
Extract your des-cbc-crc key into a keytab, use asetkey to create
the KeyFile, then use kinit/aklog to get AFS tokens (in lieu of
klog). You will NOT need kaserver.
-derek
David Fulton <dfulton25@attbi.com> writes:
> What is the procedure for using Open AFS with an existing Kerberos
> Installation. I am currently running Sun Enterprise Authentication
> Mechanisim (Otherwise known as Kerberos 5) and am not quite sure what
> to do about getting AFS to use it instead of the builtin stuff. Also,
> I have a Win98 machine and can get tickets from it and a UNIX server
> can telnet -x and get encrypted connections. This supposedly means
> that Kerberos is set up properly. I am assuming it is just a matter of
> adding the right pricipal for the server to Kerberos and changing some
> of the binaries. Please let me know if I should beware of anything
> else. Also, what is the principal name I should use for the AFS server
> in Kerberos.
>
> Thanks in advance,
> David Fulton
>
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available