forwarding tokens to other machine
Dr A V Le Blanc
LeBlanc at mcc.ac.uk
Thu Aug 5 14:43:10 CEST 1999
On Thu, Aug 05, 1999 at 12:17:03PM +0200, Assar Westerlund wrote:
> The token format has been compatible for a long time. The misfeature
> that was cause Herbert some troubles was that we didn't implement
> GETTOK properly.
>
> Have you looked at why the forwarding of tokens doesn't work with AFS
> 3.5?
avl0 11:07:32> tokens
Ticket file: /tmp/tkt0_4022221986
Principal: zlsiial at MCC.AC.GB
Issued Expires Principal
Aug 5 09:43:52 Aug 5 19:43:52 krbtgt.MCC.AC.GB at MCC.AC.GB
Aug 5 09:43:53 Aug 5 19:43:53 afs at MCC.AC.GB
AFS tokens:
Aug 5 09:43:53 Aug 5 19:43:53 Tokens for mcc.ac.gb
avl0 13:36:23> ssh -l zlsiial rock
Last login: Thu Aug 5 13:36:01 1999 from snow.mcc.ac.uk
No mail.
Erase is delete
Kill is control-U
rock 13:36:32> tokens
Tokens held by the Cache Manager:
Tokens for afs at mcc.ac.gb [Expires Aug 5 19:43]
--End of list--
ck 13:36:34> cd me
bash: cd: me: Permission denied
rock 13:36:35> klog zlsiial
Password:
rock 13:37:04> cd me
rock 13:37:05> tokens
Tokens held by the Cache Manager:
User's (AFS ID 102) tokens for afs at mcc.ac.gb [Expires Aug 6 15:03]
--End of list--
rock 13:37:07>
The first token is from the arla machine, and works without problems
on AFS 3.4a machines. The ssh on the AFS 3.5 machine is ssh-1.2.26
with the AFS patches, and compiled against krb4-19990219. I also
have with the old tokens:
rock 13:40:43> bos stat rock
bos: failed to contact host's bosserver (security object was passed a bad ticket).
which says that something is wrong. It's hard to find out what's going
wrong inside AFS.
Any suggestions?
-- Owen
LeBlanc at mcc.ac.uk
More information about the Arla-drinkers
mailing list