(Illustration by Gaich Muramatsu)
There are two parts to this story: 1. setting up a Kerberos 5 server - I found this hard. 2. setting up our stuff - this should become a short section in the Coda HOWTO. Volunteers? Peter At 11:58 PM 1/22/99 -0600, you wrote: >> > Hi folks, >> > >> > I'd like to get an idea of who is using KerberosIV and KerberosV support >> > in Coda. >> >> Me, for one. And it's very important. Now that I've got Doug Engert's >> sslk5 working properly, we have a straight path from >> >> Smartcard->PKI->Kerberos V->distributed file system >> >> without all of the gunk that goes with a DCE arrangement, and (reasonably) >> cross platform from Win95, WinNT to Unix (well, Linux right now), but >> I might get round to looking at HP-UX some time next millenium. >> >> > mapping issue (how to map Kerberos identities to Coda identities), >> > authorization issues, not to mention ease of use issues (such as: we >> > always use this command line flag, why isn't it the default, or that the >> > automatic invocation of kinit is a pain, etc). Kerberos support is >> > important to us in that it allows easy integration with existing >> > distributed systems and a single-login. Because of existing setups here >> > at CMU, we have tested K4 support more extensively than K5; as such K5 >> > comments would be particularly welcome :). >> >> When I get some time, I'll get back to hacking on it. The >> biggest changes are the ones that you suggested about mapping >> Kerberos principals onto Coda ids. At the moment, I'm using a >> grungy pattern match to do the work, but would like a bit more >> flexibility than that gives me. > >Can I get an idea what needs to be done to make this work? I'm trying to >set up Coda with Kerberos V authentication exclusively. Documentation on >this is spotty to nonexistant to say the least. > > >-------------------------------------------------------------------------- >| Troy Benjegerdes | troy_at_microux.com | hozer_at_drgw.net | >| Unix is user friendly... You just have to be friendly to it first. | >| This message composed with 100% free software. http://www.gnu.org | >--------------------------------------------------------------------------Received on 1999-01-27 10:14:11