[OpenAFS] Token expire quickly in cache manager when using UID and not PAG

[Josh Steinhurst]

	We are trying to make use of the cache managers ability to fall back on 
using UIDs to associate processes with tokens instead of using a PAG. 
[See end of message for why.] It seems to work as I expected, for 
awhile. Consider the following order of operations.

1] SSH from machine A to machine B using public/private key - no 
forwarded AFS token.
2] Execute 'klog' (with no parameters) and get a token
3] Leaving this connection in the background, SSH in a second window 
from machine A to machine B
4] Executing 'tokens' on the second SSH connection shows that it has 
access to the first token.
5] Wait 1-15 minutes
6] The token for both sessions is deleted by the cache manager. 
Executing 'tokens' in either window shows an empty token list.

I have two questions I guess:
1] Should this work, I have read the AFS documentation and it seems like 
it should. Should the tokens be disappearing like this? Any setting to 
be tweaked?

2] Do you have a better idea for the following problem?

The problem trying to be solved:
Secure remote access to a CVS repository stored in AFS. The clients can 
not pass a token over SSH. [I can't find a windows ssh executable able 
to pass an IBM/OpenAFS token] Don't want to type password every single 
transaction, opening an extra window once per day is acceptable.

Thanks for your help, let me know if you need more details about something.
Josh