Ron Croonenberg wrote: > (Actually what I want is "a" machine to run OpenAFS so that I can use > vos on it, but I don't want anyone with an afs account to be able to log > in to the box, except an OpenAFS admin maybe.) > > Can that be done ? (and if so what do I need ?)
OpenAFS authentication is completely separate from login authorization; unless you set up users to be able to log in, the fact that they can get AFS tokens does nothing for letting them log in to the machine. Depending on your site, it could be as simple as not including Kerberos/AFS users in /etc/passwd, or not configuring PAM to authorize users through your normal process. -- Matthew Weigel hacker [EMAIL PROTECTED] _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
