Matthew Weigel wrote: > Jiann-Ming Su wrote: > >>I've been testing 1.4. It seems like aklog still needs port 4444 on >>the Kerberos server opened. My Kerberos v5 server is on a different >>computer than the OpenAFS server. Some of the docs I'm reading seem >>to indicate that port 4444 is only needed to convert between v5 and v4 >>tokens. Thanks for any clarification. > > > AFS requires v4 tickets, so aklog uses a v5 ticket to acquire a v4 ticket > for use with AFS. That is, aklog acts as one part of the bridge to get > AFS to work in a Kerberos v5 domain.
OpenAFS 1.2.8 and higher do not require v4 tickets. These versions can use a DES-based Kerberos 5 ticket without modification. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
