Kerberos AFS ticket problem
Kevin Coffman
kwc at citi.umich.edu
Wed Oct 20 12:25:24 EDT 2004
Hi Derek,
I have a few questions, and then I can generate a new keytab for your
afs/umd.umich.edu principal. You will then need to run the asetkey program
to copy the key out of the keytab and into your KeyFile. You'll need a copy
of the asetkey program, hence the questions:
1) What OS platform are you running your OpenAFS server(s) on?
2) Are you using Transarc paths or the OpenAFS default paths?
(is your KeyFile in /usr/afs/etc/ or /usr/local/etc/openafs/server/?)
After I create the new keytab, clients that are already using the old key
should continue to work. Clients getting tickets from
kerberos-[124].umich.edu will not work until you add the new key to your
KeyFile and propagate that to all your servers.
K.C.
More information about the Kerberos
mailing list