[OpenAFS] AFS Token / Kerberos v5 ticket
Xavier Canehan
Xavier.Canehan at in2p3.fr
Tue Oct 20 04:28:22 EDT 2009
Jeffrey Altman a écrit :
> Can you please explain what it is that you are attempting
> to accomplish?
Our home made batch system used to save and forge kas tickets. No
Kerberos 5, not very secure, easiest. Moreover, it was just navigating
through bit fields to forge a ticket. No AFS primitive implied.
We are migrating: away from current batch system and to Kerberos 5.
During process, we have to modify our batch system, whilst main
developer retired.
As Rémi worked on Kerberos 5 migration here, he has been volunteered to
provided code to migrate our batch system. Thus, he is investigating
several options to cope either with kas, fakeka, K5.
He may have not been clear: we are not willing to put a keyfile in
unsecure places. We have to modify our batch master and prepare the
place for the next.
Thanks to every one who helped, either with directions or code.
Rémi is adapting code from Rainer Toebbicke. If not successful, we will
certainly switch to Heimdal, as suggested by Derrick Brashear.
Rémi is not trying to break AFS nor Kerberos.
He is not trying to hack our cell. I know where he lives. :o)
Best regards,
X. Canehan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4050 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20091020/515d776e/attachment.bin
More information about the Kerberos
mailing list