[OpenAFS] afs and samba

George Mamalakis mamalos@eng.auth.gr
Wed, 01 Apr 2009 12:37:44 +0300


Harald Barth wrote:
>> 1) old way use a clear text password from client, this option is
>> disable by default for security reason. If you want use this method
>> you need to set clear text on all your clients
>>     
>
> Sounds scary.
>
>   
>> 2) new way, the samba server can work as a kaserver, that means the
>> samba can create a afs token for each user ( you need put the key
>> master password on samba tdb)
>>     
>
> There is another more modern variation of the same theme but with krb5.
> Google for kimpersonate.
>
> ----
>
> That said, I still would use the clients as AFS clients if possible,
> instead of going through a Samba gateway.
>
> Harald.
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>   
Thank you all guys for your immediate and precise answers.

Harald, I'll play with kimpersonate with samba's preexec  -once I find 
some "free time"- which seems to do even more than I initially expected, 
and will get back to you with my results once I've finished.

Thank you all again,

-- 
George Mamalakis

IT Officer
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)

Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki

phone number : +30 (2310) 994379