AFS and tokenforwarding

Dug Song dugsong at
Fri Oct 5 06:55:43 EST 2001

On Thu, Oct 04, 2001 at 03:23:59PM -0400, Nicolas Williams wrote:

> Then again, I've ever used SSHv1 with Kerberos -- only SSHv2 with
> GSS/Kerberos (thanks to Simon Wilkinson's patches) and SSH w/ GSS *does*
> require mutual authentication.
> So how will you make AFS token passing in SSHv2?

maybe GSS? i don't know which protocol namespace we can shoehorn this in...

> I think you'll need to store .ssh dirs not in home directories, but
> somewhere that allows world readability.

you can fudge this in AFS with symlinks to publicly-readable
(system:anyuser rl) directories.



More information about the openssh-unix-dev mailing list