(Illustration by Gaich Muramatsu)
Hello! As the subject says, the Aetey Global Technologies' Coda client installer has been updated. The included clog is capable of using - Kerberos password - Kerberos keytab - Kerberos TGT in the credentials cache As usual with the modular clog, method-specific options are to be placed after the account_at_realm argument, so you may use clog xxx_at_yyy.zz (will not ask for a password if you have a cached TGT for the Kerberos realm trusted by Coda realm yyy.zz) clog xxx_at_yyy.zz -tgt only (will not ask for a password even if you lack TGT) clog xxx_at_yyy.zz -tgt no (will ignore TGT and always ask for a password) Similarly: clog xxx_at_yyy.zz -keytab /etc/krb5.keytab (handy for putting into crontab to refresh the host's tokens) The Coda client (and server) download links are as usual on http://www.aetey.se/index.php?Static&pg=CodaInstHowto Some background: Kerberos interoperability does not need any configuration nor extra libraries on the client hosts. Both the hosts and the Coda users stay happily unaware of which Kerberos realms are involved in which Coda realms. To accomplish this, a trivial extra service is used on the Coda servers. (Note, there is no implicit relation between the names of Coda realms and the Kerberos ones. Unlike AFS, one Coda realm can easily and transparently use services of several Kerberos realms.) xxx_at_yyy.zz above may look like bob/hq_at_yyy.zz - "hq" being the nickname for the headquarters' Kerberos realm CENTRAL.YYY.ZZ and "bob" being a principal in that realm. At the same time bob/paris_at_yyy.zz may be used by another person and refer to a totally different Kerberos principal "bob" in Kerberos realm FRANCE.BRANCH.YYY.ZZ A Coda account for a host in the European branch would look like host/host123.france.yyy.zz/paris_at_yyy.zz Regards, RuneReceived on 2008-02-23 17:04:10