Coda File System

Kerb5 Howto? (Re: Coda and Kerberos)

From: Troy Benjegerdes <hozer_at_drgw.net>
Date: Fri, 22 Jan 1999 23:58:12 -0600 (CST)
> > Hi folks,
> >
> > I'd like to get an idea of who is using KerberosIV and KerberosV support
> > in Coda.
> 
> Me, for one. And it's very important. Now that I've got Doug Engert's
> sslk5 working properly, we have a straight path from
> 
> Smartcard->PKI->Kerberos V->distributed file system
> 
> without all of the gunk that goes with a DCE arrangement, and (reasonably)
> cross platform from Win95, WinNT to Unix (well, Linux right now), but
> I might get round to looking at HP-UX some time next millenium.
> 
> > mapping issue (how to map Kerberos identities to Coda identities),
> > authorization issues, not to mention ease of use issues (such as: we
> > always use this command line flag, why isn't it the default, or that the
> > automatic invocation of kinit is a pain, etc).  Kerberos support is
> > important to us in that it allows easy integration with existing
> > distributed systems and a single-login.  Because of existing setups here
> > at CMU, we have tested K4 support more extensively than K5; as such K5
> > comments would be particularly welcome :).
> 
> When I get some time, I'll get back to hacking on it. The
> biggest changes are the ones that you suggested about mapping
> Kerberos principals onto Coda ids. At the moment, I'm using a
> grungy pattern match to do the work, but would like a bit more
> flexibility than that gives me.

Can I get an idea what needs to be done to make this work? I'm trying to
set up Coda with Kerberos V authentication exclusively. Documentation on
this is spotty to nonexistant to say the least.


--------------------------------------------------------------------------
| Troy Benjegerdes    |       troy_at_microux.com     |    hozer_at_drgw.net   |
|    Unix is user friendly... You just have to be friendly to it first.  |
| This message composed with 100% free software.    http://www.gnu.org   |
--------------------------------------------------------------------------
Received on 1999-01-23 00:55:08