[OpenAFS] AFS rsh token passing
Brandon S. Allbery KF8NH
allbery@ece.cmu.edu
Mon, 30 Oct 2006 19:37:46 -0500
On Oct 30, 2006, at 19:15 , Rich Sudlow wrote:
> What's the best replacement for the old AFS rsh and
> Transarc inetd which does token passing?
openssh with the hpn patches.
The final release of kth-krb4 has an rsh / rshd which forwards
Kerberos 4 tickets and can generate tokens from them. This of course
has the problem that it's only krb4.
Older (pre-0.6) heimdal has an rsh / rshd which will forward krb5
tickets and generate tokens from them. You could try porting them to
newer heimdal, but the heimdal folks (along with pretty much everyone
else) are of the opinion that rsh is insecure by nature and should
just die. In a restricted network cluster environment you might
still want to give them a try, though.
--
brandon s. allbery [linux,solaris,freebsd,perl] allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university KF8NH