[954] in arla-drinkers

home help back first fref pref prev next nref lref last post

Re: PAM and arla

daemon@ATHENA.MIT.EDU (Chris Wing)
Thu Jul 8 00:49:22 1999

From owner-arla-drinkers@stacken.kth.se Thu Jul 08 04:49:21 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 2537 invoked from network); 8 Jul 1999 04:49:20 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
  by bloom-picayune.mit.edu with SMTP; 8 Jul 1999 04:49:20 -0000
Received: (from majordom@localhost)
	by sundance.stacken.kth.se (8.8.8/8.8.8) id GAA03399
	for arla-drinkers-list; Thu, 8 Jul 1999 06:42:41 +0200 (MET DST)
Received: from shaft.engin.umich.edu (wingc@shaft.engin.umich.edu [141.213.33.85])
	by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id GAA03395
	for <arla-drinkers@stacken.kth.se>; Thu, 8 Jul 1999 06:42:37 +0200 (MET DST)
Received: from localhost (wingc@localhost)
	by shaft.engin.umich.edu (8.9.3/8.9.3) with ESMTP id AAA02029;
	Thu, 8 Jul 1999 00:42:29 -0400
X-Authentication-Warning: shaft.engin.umich.edu: wingc owned process doing -bs
Date: Thu, 8 Jul 1999 00:42:29 -0400 (EDT)
From: Chris Wing <wingc@engin.umich.edu>
To: karney@princeton.edu
cc: arla-drinkers@stacken.kth.se, schaefer@Uni-Hohenheim.DE
Subject: Re: PAM and arla
In-Reply-To: <14212.4364.255177.862445@orion.pppl.gov>
Message-ID: <Pine.LNX.4.10.9907080039190.2024-100000@shaft.engin.umich.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk

Charles:

I recommend that you use a PAM module that makes Kerberos+AFS calls
directly (for robustness and security), but if you are seeking a true
klog equivalent for Arla, I will be posting one _really soon now_, 
probably tomorrow.

(putting the finishing touches on the man pages)

-Chris Wing
wingc@engin.umich.edu


> I have been using the MIT version of AFS for Linux (2.0.x) with Tobias
> Schaefer's pam_linux_afs module for authentication + tokens.  This invokes
> the klog command to do the authentication and the whole package works fine
> 
> Recently, I've installed arla (0.25) and kth-krb (0.9.9) and would like to
> get AFS tokens automatically.  I tried specifying
> 
>     klog_program /usr/athena/bin/kauth
> 
> to pam_linux_afs (i.e., the kth-krb kauth program).  However this bombs


home help back first fref pref prev next nref lref last post