On 4/7/2016 2:24 PM, Jeffrey Altman wrote: > On 4/7/2016 12:59 PM, Steven Mikes wrote: >> Hi All, >> I am attempting to access an AFS cell which I believe is still using >> Kerberos V4. Existing machines in the cell use the 'klog' command >> (klog.krb) to obtain tokens. >> I'm running Ubuntu 14.04.2 with openAFS 1.6.17, and cannot figure out >> how to authenticate. The /usr/bin/klog in my install is symlinked to >> /etc/alternatives/klog, which is itself linked back to >> /usr/bin/klog.krb5, so there doesn't see to be a v4 version of the >> command at all. I know it was deprecated for security reasons and V5 is >> the recommended authentication method, but the cell I need to connect to >> is still on V4. Is there a way to configure krb5 so I can obtain tokens? >> I have tried various options in the /etc/krb5.conf file with no luck >> yet. Any help is much appreciated. >> -Steven Mikes > > Steven, > > I believe the Global Foundries cell is still using the IBM AFS kaserver > for authentication. The klog.krb5 and kinit/aklog authentication > methods will not work with it. Only the kauth version of klog can be > used to authenticate with the kaserver.
Try executing klog.afs. It should be installed as part of the openafs-client package. > Jeffrey Altman > AuriStor, Inc.
<<attachment: jaltman.vcf>>
smime.p7s
Description: S/MIME Cryptographic Signature
