From: TedAnderson Date: Thu, 27 Feb 2003 13:07:08 +0000 (+0000) Subject: none X-Git-Url: https://git.openafs.org/?p=openafs-wiki.git;a=commitdiff_plain;h=f5cfa3567bb1bd23f54916c0f2241fbeb721a38b none --- diff --git a/AFSLore/GettingAuthenticated.mdwn b/AFSLore/GettingAuthenticated.mdwn index 23009a9..5a73891 100644 --- a/AFSLore/GettingAuthenticated.mdwn +++ b/AFSLore/GettingAuthenticated.mdwn @@ -36,6 +36,7 @@ Some other topics that should be explained. - SSH -- There are two issues. First is mutually authenticating you and the SSH server to each other using Kerberos. See [[KerberosV]] for a link to patches to kerberize [[OpenSSH]]. Second is passing local AFS authentication to the remote shell (in this case an AFS Client) in the form of AFS service tickets (tokens). - these instructions from [[CharlesClancy]] for building openssh might be useful - another perspective from [[OwenLeBlanc]] + - [[SSHKeyAuthentication]] - How to choose between [[KaServer]], [[KerberosVMIT]], [[HeimdalKTH]] and [[ActiveDirectory]]. - [[StringToKey]] issues. - Authenticating applications that need AFS access and can't depend upon human interaction to enter a password. @@ -48,7 +49,7 @@ Some other topics that should be explained. - [[OtherGroupServers]] are not well integrated as far as I know. The big ones are [[ActiveDirectory]] and [[NIS]] and maybe some LDAP systems. While one could imagine wrapping a [[PtServer]] interface around such a thing, there are probably some features that would make seamless integration difficult. Has anyone seriously looked into this? - In a 10-Oct-2002 message from [[DerrickBrashear]]: ...something to allow LDAP queries of the PTS database... /afs/andrew.cmu.edu/usr/shadow/back-pts.tar.gz / The README inside explains how it works. --- [[TedAnderson]] - 22-24, 29 Jan 2002
-- [[JasonGarman]] - 30 Jan 2002
-- [[TedAnderson]] - 06-07 Feb, 11 Oct 2002
+-- [[TedAnderson]] - 22-24, 29 Jan 2002
-- [[JasonGarman]] - 30 Jan 2002
-- [[TedAnderson]] - 06-07 Feb, 11 Oct 2002
-- [[TedAnderson]] - 27 Feb 2003
----