On 8/9/2012 5:52 PM, Russ Allbery wrote:
> We run remctld on literally every system we manage (since we expose
> commands to run and lock Puppet and to install packages with aptitude or
> yum). We also expose remctl interfaces for every service that we run, so
> any central server doing something
Ken Dreyer writes:
> In the course of setting up remctl for our AFS infrastructure, I was
> wondering how other sites expose remctld servers to their users. Do you
> have a hostname that's dedicated to this service, such as
> remctl.example.edu ?
We run remctld on literally every system we manag
In the course of setting up remctl for our AFS infrastructure, I was
wondering how other sites expose remctld servers to their users. Do
you have a hostname that's dedicated to this service, such as
remctl.example.edu ?
In our environment we're going to run remctld on our AFS VLDB servers
and our
We have a situation where users stay logged on for literally days or
even weeks at a time for very long-running simulation jobs. So the
default max ticket life of one day isn't really appropriate for us.
It seems that there are two solutions to this dilemma: (1) a much
longer max ticket life or (
On 8/8/2012 7:42 PM, Jeremy Hunt wrote:
> Hi Mauricio,
>
> Doug is right, I misread your request, my apologies.
>
> Googling kerberos, nat and ssh gives many responses all saying that the
> only way to do this is to use tickets with no address in them.
As Tom said, its not the address in the tic