[OpenAFS] AFS / PAM / SSH / (w/o Kerberos)

[TOBx]

>>
>> Has anyone a good documentation of the pam_afs-Module? It seems to 
>> me, as
>> if
>> the parameters one can set for the module aren't making a difference?
> [EC] Maybe you should try to compile SSH with PAM support.

I did this. But it doesn't help.

In /etc/pam.d/sshd I added the option 'debug' to the 
pam_afs.so.2-module.
So I get nice info about what the pam-module does when I try to log in.
SSH tries to authenticate the user (with username and passwd) 2 (!) 
times.
While the first time it seems as if the auth is successful, the second 
try prints a message like "unable to get the passwd from pam". ;-(
(Unfortunately I#m currently not at work and so I'm unable to attache 
the log... but I can send it, if someone cares for the exact message.)

After googling for quite a long time I found some information about an 
AFS support for SSH.
But as far as I know, there is a __little__ Problem with this. It's 
deprecated. ;-(

Was this the support  of the AFS-Token__passing__-feature?

However I just want to login via ssh from __any__ client and get a 
valid AFS (no stand-alone Kerberos stuff!) token created on the 
machine.
I can't believe that nobody else wants/has this feature already 
realized?! ;-)

Maybe s.o helps me with this....

Greets
   Tobias