On 12/12/2012 8:45 AM, Steve Gaarder wrote:
On Tue, 11 Dec 2012, Harald Barth wrote:
If you merge a new secret into the AFS key file on the server with a
new (high, say 10001) kvno, it should not. I have not tested this
though.
Is there an advantage to such a high kvno? As I understand
There is no advantage and attempting to obtain a value that high should
not be attempted. There are bugs in some Kerberos distributions when
the kvno is greater than 255.
Oopsie. Thanks Jeff! So please do NOT follow my advice then. But
choose the number so that you don't interfere if you want
On Wed, Dec 12, 2012 at 8:45 AM, Steve Gaarder gaard...@math.cornell.eduwrote:
On Tue, 11 Dec 2012, Harald Barth wrote:
1. Create
afs/math.cornell.edu@MATH.**CORNELL.EDUmath.cornell@math.cornell.edu
2. Store the key in a keytab file
3. Use asetkey to add the key to the keyfile on each
On Wed, Dec 12, 2012 at 3:30 PM, Steve Gaarder gaar...@math.cornell.eduwrote:
THanks. Do I need to restart the afs servers in order to have them use
the new key?
Shouldn't be.
--
brandon s allbery kf8nh sine nomine associates
allber...@gmail.com
On 12 Dec 2012, at 20:47, Brandon Allbery wrote:
On Wed, Dec 12, 2012 at 3:30 PM, Steve Gaarder gaar...@math.cornell.edu
wrote:
THanks. Do I need to restart the afs servers in order to have them use the
new key?
Shouldn't be.
There's a race in the key selection algorithms for
I am trying to get Openafs 1.7.21 working on a Windows 7 machine. I followed
the directions on http://wiki.openafs.org/WindowsEndUserQuickStartGuide/
and installed Heimdall and the Network Identity Manager from the links on that
page.
Using the Identity Manager, I am able to get a Kerberos
Upgrading your AFS principal from afs@ to afs/math.cornell.edu@ will
fix this problem
and shorten the time it takes all AFS clients to obtain afs tokens.
On Tuesday, December 11, 2012 8:50:03 AM, Steve Gaarder wrote:
I am trying to get Openafs 1.7.21 working on a Windows 7 machine. I
followed
On Tue, 11 Dec 2012, Jeffrey Altman wrote:
Upgrading your AFS principal from afs@ to afs/math.cornell.edu@ will
fix this problem
and shorten the time it takes all AFS clients to obtain afs tokens.
Thanks. My next question is: if I do this, will it break existing sessions
using tokens obtained
Thanks. My next question is: if I do this, will it break existing
sessions using tokens obtained via afs@?
If you merge a new secret into the AFS key file on the server with a
new (high, say 10001) kvno, it should not. I have not tested this
though.
1. Create
On 12/11/2012 4:30 PM, Steve Gaarder wrote:
On Tue, 11 Dec 2012, Jeffrey Altman wrote:
Upgrading your AFS principal from afs@ to afs/math.cornell.edu@ will
fix this problem
and shorten the time it takes all AFS clients to obtain afs tokens.
Thanks. My next question is: if I do this, will
* Harald Barth [2012-12-11 23:07:07 +0100]:
Thanks. My next question is: if I do this, will it break existing
sessions using tokens obtained via afs@?
If you merge a new secret into the AFS key file on the server with a
new (high, say 10001) kvno, it should not. I have not tested this
11 matches
Mail list logo
