Alternatively, use the patch I used based on one that Doug Engert wrote that lets you use a keytab and the keyfile separately without having to worry about getting the right keys copied around to the right places.
------------------------------------------------------------ Nathan Neulinger EMail: [EMAIL PROTECTED] University of Missouri - Rolla Phone: (573) 341-4841 Computing Services Fax: (573) 341-4216 > -----Original Message----- > From: Ken Hornstein [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 05, 2003 1:43 PM > To: Nicholas Henke > Cc: [EMAIL PROTECTED] > Subject: Re: [OpenAFS] Kerberos 5, AFS, and no krb524d > > > > I have been struggling with setting up openAFS under > our existing MIT > >Kerberos V setup here at Penn. The KDC here does not support > v4 tickets, > >so there is no krb524 running. Is there an aklog that does > not need to > >talk to a krb524d, or is there another way to setup AFS with out the > >'524' translator ? > > In theory, if you're running a new enough OpenAFS (1.2.9 or greater), > you could modify aklog to simply store the V5 Kerberos ticket and > single-DES session key in the credential cache, instead of > going through > the 524 translator. That falls under the "advanced topics" > heading, and > if you're having trouble getting krb524d running then it may not be > for you. > > One thing occurs to me ... you said you tried to get krb524d > working with > a keytab. You _do_ know that once you extract the key into > the keytab, > you need to then store that new key on the AFS fileservers, right? > > --Ken > _______________________________________________ > OpenAFS-info mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-info > _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
