[OpenAFS] Re[2]: OpenAFS and LInux PAM

[Raymond]

> So, let me try and understand what you're doing here.  You have a bunch=
 of
> Win2k/XP clients, and they access an linux FTP server that will
> prospectively be running AFS?  You don't want these users to have shell
> access?
> What I don't understand from your original post was if you're going to =
run
> the AFS client on your windows systems.  If you do, then you'd presumab=
ly
> not need to use FTP anymore.  Then, users *would* be able to reset thei=
r
> passwords, as the Windows AFS client has that ability.  Additionally, y=
ou
> wouldn't need to maintain an /etc/passwd on your server.

I would like to elimate FTP and utilize OpenAFS but retain PAM authentica=
tion=20
(without shell access).

We currently have a FTP system in place that post-processes ftp file tran=
sfers=20
by chown'ing and chmod'ing the transfers and emailing the recipient with=20
sender name, file location, file name and date / time info. System also=20
utilizes FXP and the client caches files locally. Authentication and=20
transfers are wrapped in SSH2.  Replication is nightly via rsync.

So why would we consider a change?

1. The TCP protocol is slow (less than 500 kbs) in a LAN / DS3 WAN=20
environment. I believe OpenAFS is based upon UDP.

2) The client does not intregrate into Windoz My Computer or File Explore=
r.

3) Requires proprietary client software; would like utilize complete=20
open-source solution.


Raymond