ftpd and AFS tickets

[Turbo Fredriksson]

>>>>> "Ken" == Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:

    >> Currently I'm using SSH with GSSAPI and pam_krb5 support.  In
    >> /etc/profile (and/or pam config for ssh) I'm getting the AFS
    >> token, so it's possible to use AFS as home when doing
    >> interactive logins with SSH.

    Ken> But if you're doing GSSAPI, then pam is never being invoked,
    Ken> right?

No, and i have no ticket!!! Just tried to get GSSAPI working, again.

I get logged in with entering password/passhprase, so GSSAPI works.
But I have no ticket, not even if requesting a forwardable and/or
proxiable ticket on my client at home.

Since I don't have a ticket, I can't get a token either... So this
GSSAPI isn't working, or I'm making a big mistake somewhere...

    Ken> Are users typing cleartext passwords inside of ssh?

Ehm... Hu?

    >> But how about the kerberized FTP/Telnet clients/daemons?

    Ken> We have special versions here that make calls to
    Ken> setpag()/aklog after tickets have been forwarded so you
    Ken> always get an AFS token automatically.

Got a patch I can get? PLEASE!?!?! :)
-- 
explosion plutonium World Trade Center Nazi Marxist [Hello to all my
fans in domestic surveillance] smuggle critical CIA 747 Khaddafi
cracking Saddam Hussein Uzi munitions
[See http://www.aclu.org/echelonwatch/index.html for more about this]