-I am not the right person to write this page, but here is a rough outline.
+This is a rough outline.
There are basically three options with several variants
Note that you can mix-and-match. Currently I'm using a [[HeimdalKTH]] KDC with [[KerberosVMIT]] clients. If you take this route the one big thing to watch out for is administrative tools - kadmin, kpasswd, and such.
--- [[TedAnderson]] - 22 Jan 2002
-
Some other topics that should be explained.
- SSH -- There are two issues. First is mutually authenticating you and the SSH server to each other using Kerberos. See [[KerberosV]] for a link to patches to kerberize [[OpenSSH]]. Second is passing local AFS authentication to the remote shell (in this case an AFS Client) in the form of AFS service tickets (tokens).
- IP ACLs
- How to configure various authentication servers to issue tickets (tokens) with lifetimes longer than 25 hours.
--- [[TedAnderson]] - 23-24, 29 Jan 2002 -- [[JasonGarman]] - 30 Jan 2002
+-- [[TedAnderson]] - 22-24, 29 Jan 2002 -- [[JasonGarman]] - 30 Jan 2002
----