> That would be because (a) Kerberos V4 doesn't have ticket forwarding, and
> (b) these things likely predate AFS's use of Kerberos.
Then how does this work (sshd_config):
KerberosAuthentication yes
KerberosOrLocalPasswd yes
AFSTokenPassing yes
KerberosTicketCleanup no
for [Open]SSH's --with-kerberos4 / --with-afs ?
When you say Kerberos V4 doesn't have ticket forwarding, do you mean that
Kerberos can only do authentication with one's TGT, and then one would
have to manually obtain other Kerberos tickets? Or do you mean no TGT
passing either?
If one used klog.krb, and the kerberized (V4) r* utilities, and afslog on
the other end, would this be more secure than the AFS r* utilities?
--
t. charles clancy <> [EMAIL PROTECTED] <> www.uiuc.edu/~tclancy
_______________________________________________
OpenAFS-devel mailing list
[EMAIL PROTECTED]
https://lists.openafs.org/mailman/listinfo/openafs-devel
