[OpenAFS] token lifetime

Sat, 12 Jul 2003 15:26:42 -0400 (EDT)

On Sat, 12 Jul 2003, Richard Wallace wrote:

> Since it is a home network I wanted to lengthen the lifetime of the krb5
> tickets and afs tokens.  Just to have a nice round number, I went with a
> year for now.  I made the modifications to the kdc.conf file so max_life
> and max_renewable_life are both "365d 0h 0m 0s".  I set the lifetime on
> all the principals in the krb5 database and changed the configuration of
> pam_krb5afs in the krb5.conf file to reflect these changes.

krb4 with the afs lifetime extensions can do a life of up to 30 days, or
unlimited. nothing in between. plus, translating something which is that
long may not work the way you expect, anyway.

try 30 days.
>
> Its seems the afs token has a max life of a month, but I haven't found
> anywhere that this is set.  Any ideas?

the variable used to represent the life doesn't go any higher than that.