Hello all,
I've been having some trouble getting my mind around the question of
whether, in a new AFS cell deployment, to start off with an installation
of MIT Kerberos.
I'd like to get to the point where I'd be able to deploy kerberized and
encrypted telnet, rlogin, IMAP, ssh, VPN access, and so on, but I'm not
clear on whether AFS's kaserver is sufficient for this. I get the
impression that it's not sufficient, due to the fact that the
ticket-granting-ticket is discarded after the AFS token is acquired... Is
this correct?
Would I be better off with Kerberos 4 or 5 in the long run?
Also, does the Kerberos realm have to match the DNS domain name of the
machines in the realm?
-Michael Pelletier.
