[OpenAFS] concise Kerberos 5 / OpenAFS setup doc?
Tue, 29 Nov 2005 10:34:35 -0500
>Does there exist any *concise* documentation for
>migrating to Kerberos 5 from the built-in OpenAFS Kerberos?
I can only say that every migration I've known about has been a little
bit different than every other one. Some are a LOT different. This
seems to be related that every installation treats authentication
I know you said you didn't want to spend a week learning about all
of the Kerberos-related stuff, but a migration documentation would have
to allow for the following variances:
- Do you want traditional OpenAFS authentication tools (klog) to still
- Do you intend on using PAM?
- Do you have a KDC already? If so, which one?
- Do you intend to have your KDC have the same realm name as your OpenAFS
- What remote access utilities do you want to use to access your system?
ssh? Kerberos telnet/rlogin?
... and the list goes on. That's why when I did the AFS-Kerberos 5 migration
kit I tried to explain what was going on behind the scenes so the user
could have enough information to make their own decision. The people I
knew who had the best success migrating to Kerberos 5 had to learn
everything you didn't want to understand.