AFS and tokenforwarding
Dug Song
dugsong at monkey.org
Thu Oct 4 18:41:54 EST 2001
On Wed, Oct 03, 2001 at 07:58:14PM -0700, Booker C. Bense wrote:
> - I think there are two problems being conflated into one. My patch
> is just to get the AFS code to compile when using Kth-1.1. It doesn't
> fix the problem of the token not being available when you need to
> access the filesystem. I think that was the point of the other
> patch posted.
sorry - i was indeed thinking of the other patch.
i remember now - the issue was, we didn't want to send Kerberos TGTs
or AFS tokens until authentication succeeded. i talked this over with
Markus at the time.
i know that this prevents things like RSA authentication when the user
needs AFS tokens to access their home directory, but i've always
regretted that this went into the original SSH-AFS patches (there was
some long debate about this on the mailing list, and i conceded to
popular opinion).
-d.
---
http://www.monkey.org/~dugsong/
More information about the openssh-unix-dev
mailing list