If you are *really* stuck with Kerberos v4 via the kaserver but still want
to forward tickets, you can use:
Maybe you got me wrong, because of my bad explanation of the problem. ;-(
I don't want to do any token passing.
The situation is as follows:
There are a couple of AFS-Server (and Client) machines with sshd running.
Additionally there are some unix-boxes w/o AFS but the ssh client program.
Now what I want is that s.o. who is logged on to one of those "non-AFS-unix-boxes" is able to ssh to one of the AFS-Servers and is authenticated via the pam-ssh module running on the AFS machines.
(This step works fine already)
Additionally I want that an AFS-token is created on the AFS-Server the person logged on. So that he dont has to call 'klog' everytime after the login. (The pam_afs-module has a "set_token" parameter which does not work in my situation!?)
In "real life" this should look like this:
-- foo:/ # ssh -l user1 AFS_Server1 password: xxx
AFS_Server1:/HOMEDIR user1$ tokens
Tokens held by the Cache Manager:
-- a valid token for user1 -- AFS_Server1:/HOMEDIR user1$
_______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
