getting tokens for a remote cell

[Willi Langenberger]

According to Dr A V Le Blanc:
> I have the correct information in /etc/krb.conf and in
> /etc/krb.realms.  But klog with Chris Wing's patches gives me
> this:
>
>     klog: Unable to authenticate to Kerberos: Principal expired (kerberos)

I also came across this problem. However, in my case it was a wrong
setting of the environment variable "KRBTKFILE".

If KRBTKFILE has no value, it works as expected:

  monk:~$ echo $KRBTKFILE

  monk:~$ klog wlang
  wlang at wu-wien.ac.at's Password: ******

-> ok

But setting KRBTKFILE to a filename that doesn't exist, gives the
above error:

  monk:~$ KRBTKFILE=/tmp/tkt_urxn klog wlang
  wlang at wu-wien.ac.at's Password: ******
  klog: Unable to get an AFS token: Principal expired (kerberos)

The reason, why KRBTKFILE had a wrong value, was a call to "pagsh"
(from krb-1.0). This sets this environment variable, but deletes the
ticket file:

  monk:~$ echo $KRBTKFILE                   # KRBTKFILE has no value

  monk:~$ /usr/athena/bin/pagsh             # start pagsh
  monk:~$ echo $KRBTKFILE                   # now KRBTKFILE is set
  /tmp/tkt11611_4057670324
  monk:~$ ls -l /tmp/tkt11611_4057670324    # but this file doesn't exist
  ls: /tmp/tkt11611_4057670324: No such file or directory


\wlang{}

-- 
Willi.Langenberger at wu-wien.ac.at                 Fax: +43/1/31336/702
Zentrum fuer Informatikdienste, Wirtschaftsuniversitaet Wien, Austria