"ph rhole oper" <[EMAIL PROTECTED]> writes:
> aklog works fine with kerberos v5 on our network, but standard
> kerberized utilities (telnetd,rshd,ftpd,etc..)
> won't acquire afs tokens after they get any tickets forwarded.Is there a
> patch for these utilities so that
> once you login you'll have afs tokens too?
> The following methods have already been tested
> 1) afs-krb5 migration kit
> This options seems to be obsolete since the latest version of this kit
> refers to kerberos 1.0.x
> Is there any newer implementation of this kit around?
The 2.0 kit is slightly better, but still needs patches. Feel free
to grab the patches in the 1.4.0rc RPM SOURCE files (available in
the candidate download section).
> 2) krb_run_aklog = true
> This option inside the krb5.conf, refers to only kerberos v4 code.It has
> nothing to do with kerberos v5.
Generally you'll need to modify PAM on the server side of the
telnetd, ftpd, sshd, etc. so that when it obtains a ticket it
also runs aklog..
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
[EMAIL PROTECTED] PGP key available
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
