[OpenAFS] some simple openafs questions

[Andrew Bacchi]

On Thu, 2003-07-24 at 15:45, Faheem Mitha wrote:

> 
> 1) When using an afs client, the command `klog' fetches tokens from
>    the campus server. Am I correct in thinking that this fetching
>    involves use of kerberos on the campus server? I don't have
>    kerberos installed on my client machine, though I have seen
>    descriptions which involve installation of kerberos on the client
>    machine. Is kerberos not required at the client end?

There are at least two kerberos implementations used in AFS.  The old
(default) is to use the kaserver (Kerberos 4) on the afs database
machine.  The klog command gets tokens from the kaserver.  You can see
the kaserver instance by issuing 'bos status mydbserver'

Kerberos 5 involves running a kerberos 5 server, either on the afs
database server or another machine.  The aklog command fetches tokens
from the k5 server.  Look for Ken Hornstien's kerb 5 toolkit to set this
up.  I don't run Debian, but I imagine there are many who do.



-- 
Facade: Provide a unified interface to a set of interfaces in a
subsystem.

Andrew Bacchi
Staff Systems Programmer
Rensselaer Polytechnic Institute
phone: 518 276-6415  fax: 518 276-2809

http://www.rpi.edu/~bacchi/