On 4/7/2016 12:59 PM, Steven Mikes wrote: > Hi All, > I am attempting to access an AFS cell which I believe is still using > Kerberos V4. Existing machines in the cell use the 'klog' command > (klog.krb) to obtain tokens. > I'm running Ubuntu 14.04.2 with openAFS 1.6.17, and cannot figure out > how to authenticate. The /usr/bin/klog in my install is symlinked to > /etc/alternatives/klog, which is itself linked back to > /usr/bin/klog.krb5, so there doesn't see to be a v4 version of the > command at all. I know it was deprecated for security reasons and V5 is > the recommended authentication method, but the cell I need to connect to > is still on V4. Is there a way to configure krb5 so I can obtain tokens? > I have tried various options in the /etc/krb5.conf file with no luck > yet. Any help is much appreciated. > -Steven Mikes
Steven, I believe the Global Foundries cell is still using the IBM AFS kaserver for authentication. The klog.krb5 and kinit/aklog authentication methods will not work with it. Only the kauth version of klog can be used to authenticate with the kaserver. Jeffrey Altman AuriStor, Inc.
<<attachment: jaltman.vcf>>
smime.p7s
Description: S/MIME Cryptographic Signature