[OpenAFS] AFS token, SSH, KRB[5]

Russ Allbery rra@stanford.edu
Thu, 07 Jun 2007 12:04:39 -0700

Rainer Laatsch <Laatsch@rrz.uni-koeln.de> writes:

> Interested parties might want to have a look at
> /afs/rrz.uni-koeln.de/vol/pam/pam_runexec.tar
> The pam_runexec is configurable to get a token by executing [KRB4]
> klog+afslog or [KRB5] kinit+gssklog under pam. Config's are included.
> In "auth", a pag is set, and a session based ticket file is also created.
> In "session", the pag is recovered and the ticket file permissions
> corrected, if needed.

Out of curiosity, what did you find was missing from existing PAM modules
that led you to write your own?

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>