[OpenAFS] Re: ssh on AFS

Jakob Haufe sur5r@sur5r.net
Mon, 09 Jul 2007 23:22:18 +0200


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09.07.2007 18:03, kane96@gmx.de wrote:
> Our problem is that AFS needs a afs service ticket and the ticket has
> a validity. So the directory have to be mountet all the time on that
> server. What do we need to do that the afs service renews the ticket
> all the time?

The idea behind AFS is, that the user has an AFS token whenever he needs
to access his files inside the AFS. A machine (or the root account on
that machine) has by default no special priviledges inside the AFS. It
counts as an anonymous, unauthenticated user.
If you are talking about linux then you can simply use the PAM modules
for LDAP, Kerberos and AFS respectively and they will take care of
obtaining an AFS token when the user logs in.

Regards,
Jakob

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGkqcK1YAhDic+adYRAupdAJ9ADeDhhZolkIH0jJnMFHWSSFZFSACeMVUX
4bGUfEs2118f8qU049Z+lTY=
=gQAc
-----END PGP SIGNATURE-----