I am looking into pam_afs and klog for authentication on a cluster. pam_afs does have the use_klog option so It uses klog for authentication. (I noticed that #define KLOG "/usr/afsws/bin/klog" is in afs_util.h and I have klog in /usr/afs/bin. so probably my install directory is wrong ?)
Well anyway, it would be relatively easy to modify pam_afs to fork klog to the different nodes and do it's thing there. That way every node has "a token" Sounds like brute force, but easy to accomplish. (I wonder how to clean up those tokens after someone logs out) Or is it "cleaner" to obtain just one token and use that on every node ? (I can imagine that the server is going to notice that one token is used on "multiple machines" and therefore that's not too good an idea ?) thanks, Ron _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
