[5331] in Kerberos
Need help understanding Kerberos authentication
daemon@ATHENA.MIT.EDU (David E Bernholdt)
Mon Jun 5 19:23:10 1995
To: kerberos@MIT.EDU
Date: 5 Jun 1995 22:50:19 GMT
From: gg502@fermi.pnl.gov (David E Bernholdt)
My site runs AFS. I know enough about it as a user, but now I need to
understand how the Karberos authentication aspect works a little
better.
There is a version of CVS (concurrent version system) which
accomodates remote users via a socket connection which is
authenticated with Kerberos. I'm interested in using this package to
support a number of software developers who are not at our site. They
all have accounts here, but live elsewhere.
Say I setup the CVS code on a local machine L, so that it is invoked
whenever connection is made to a particular port. A user on a remote
machine R, not part of our AFS site, fires up the cvs client and
connects to L. The first thing they do is Kerberos mutual
authentication.
What does R's environment have to look like to accomplish this? What
software does R require? What daemons, etc. must be running on R?
And what other connections will be made between R and L (or L's site)
in the course of authentication? (We also happen to be behind a
firewall.)
Because I know there are subtle differences/incompatabilities between
AFS and straight Kerberos, it might be simpler to start by supposeing
L is running straight Kerberos instead of AFS.
Then, once the authentication is complete, I take it that the CVS
server be able to access files in AFS just as the user were logged
into their account on L?
Thanks for any help you can provide.
--
David E. Bernholdt | Email: de_bernholdt@fermi.pnl.gov
Environmental Molecular Sciences Laboratory | Phone: 509 375 4387
Pacific Northwest Laboratory, MSIN K1-90 | Fax: 509 375 6631
P.O.B 999, Richland, WA 99352-0999 |
