Excerpts from internet.info-afs: 30-Nov-94 Re: Some comments regarding..
by David [EMAIL PROTECTED]
> 1. Have the AFS kaserver use the standard MIT string_to_key() instead
> of having a custom one, so that client software doesn't have to adapt
> to two universes of Kerberos.
The kaserver doesn't care what kind of keys you store in it. klog
understands how to use either string_to_key function. kas and kpasswd
simply need to be modified to do so. I've done the modifications, and
they are quite simple. The only remaining problem is determining which
cells are using which form of the string_to_key
> 2. Support for Kerberos 5, although I doubt Transarc will want to support
> it until it is completely finished. I look forward to the day I can
> type my password once, but be able to get tokens on any machine I
> authenticate to via Kerberos.
Do you use kerberos 5 now, is that why you want this, or is it for
authentication forwarding? In the latter case, there are solutions...
> 3. Ship versions of ls and chmod that recognize AFS, and can munge the
> output accordingly to help ease the learning curve for new users.
What needs to change in ls for AFS? Just who owns what? Problem is, for
example, SunOS uid_t is 16 bit, while AFS allows many more uids than
65535. How do you deal with this when you can't get the true owner of a
file without jumping through hoops which would make ls -l take a long
long time? At any rate I also have a version of ls that does pts
lookups.
