On Wed, 2 Jul 2014, Jean-Marc Choulet wrote:
Hello,
Is it possible to change my cell key on all my afs servers. I made a mistake.
I changed the key value with ktadd without -norandkey
Now, I have problem with my AFS filesystem :
root@afs1:~# LANG=C ls /afs/xxxx/users/bjaille2/
ls: cannot open directory /afs/xxxx/users/bjaille2/: Permission denied
That is the expected behavior given what you have done, yes. Clients that
obtain fresh tokens will not be able to authenticate to the AFS servers.
You need to take the keytab you obtained from the above "ktadd without
-norandkey" and use asetkey to add that key to the appropriate KeyFile (if
it's a 1DES key), or ktutil to add it to the rxkad.keytab (otherwise).
-Ben
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
