[OpenAFS] Kerberos 5, AFS, and no krb524d
Nicholas Henke
henken@seas.upenn.edu
05 Jun 2003 16:33:32 -0400
On Thu, 2003-06-05 at 16:29, Douglas E. Engert wrote:
> I will let someone else answer this, as modified krb524d we use uses one key
> for the K5 ticket to decrypt it, then reads the AFS keyfile to get the key
> in which to encrypt the AFS token, thus avoidning many of these key sync issues.
> like enctypes or kvno don't have to match.
Is the modified krb524d something that would be usefull to me -- or
possibly others ?
> (We took down our AFS cell once trying to get these keys in sync, and said
Heh -- I can imagine that... :)
Nic
--
Nicholas Henke
Penguin Herder & Linux Cluster System Programmer
Liniac Project - Univ. of Pennsylvania