[OpenAFS] KA server to MIT KRB5 migration issues
Russ Allbery
rra@stanford.edu
Fri, 07 Nov 2008 11:40:11 -0800
"Derrick Brashear" <shadow@gmail.com> writes:
> On Fri, Nov 7, 2008 at 1:53 PM, Marcus Watts <mdw@umich.edu> wrote:
>> The AFS3 string to key function uses the cell name as part of the
>> conversion logic. For klog (with kaserver) that's guaranteed to be the
>> case.
> Nope. OpenAFS moved to des string to key by default a while ago. klog
> tries both, so it "just works".
Only if you have keys in your KDC with v4 salt. If you're converting from
a kaserver, you don't, so far as I can tell. It works for newly changed
keys, of course.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>