Extending the life of tokens?
Thomas Jordan
jordant at fnal.gov
Wed Jul 31 23:51:52 CEST 2002
Dear Magnus,
Our authentication scheme apears to require kaserver protocol as klog will
not work.
[owen-meany:/usr/arla/bin] jordant% unlog
[owen-meany:/usr/arla/bin] jordant% tokens
Tokens held by Arla:
--End of list--
[owen-meany:/usr/arla/bin] jordant% klog
jordant at fnal.gov's Password:
kerberos-iv/udp unknown service, using default port 750
klog: Unable to authenticate to Kerberos: Can't send request
(send_to_kdc)
[owen-meany:/usr/arla/bin] jordant% tokens
Tokens held by Arla:
--End of list--
[owen-meany:/usr/arla/bin] jordant%
So, is there a way to re-build kalog on my system so that I can extend 8 *
3600 seconds?
t.
On 7/31/02 16:30, "Magnus Ahltorp" <ahltorp at nada.kth.se> wrote:
>> I currently use Arla build 0.35.9 on OSX 10.1.5. Is there a config file for
>> kalog or a command line switch that will allow me to request longer-lived
>> AFS credentials (tokens)? The default seems to be 10h 40m. Or is this driven
>> by the server and not the client?
>
> The kalog program is hard-coded to use 8 * 3600 seconds. We normally
> use the kauth program from kth-krb/heimdal, and that allows you to
> specify the lifetime. It is not included, however, and uses the
> krb4/krb5 protocols.
>
> If you don't have to use he kaserver protocol (which kalog uses), you
> can use the klog program, which is included in arla. It allows you to
> specify the lifetime.
>
> /Magnus
Thomas Jordan
Fermi National Accelerator Laboratory
PO Box 500 MS 226
WH15W
voice: 630.840.4035
fax : 630.840.8248
More information about the Arla-drinkers
mailing list