Displaying 5 results from an estimated 5 matches for "pagsh".
Did you mean:
pagh
2019 Nov 08
1
Regarding an "earlier" variant of `pre-xfer exec` [feature request and proposed patch]
...Therefore each new `rsync` process will start
with a new PAG, and before accessing any files, one must call the
`klog` tool to authenticate. However as said above, one can`t use
`pre-xfer exec` because that executes after `chdir` which fails.
For reference:
* https://docs.openafs.org/Reference/1/pagsh.html
* https://github.com/openafs/openafs/blob/master/src/sys/setpag.c
* `k_setpag` --
http://manpages.ubuntu.com/manpages/bionic/man3/krb_afslog.3.html
Other use-cases for such a feature:
* as the original poster of the thread from 2008 said, he wanted to
mount an encrypted file-system;
* one co...
2000 May 09
1
openssh-2.1.0 and AFS
Hi!
I've noticed that openssh always does a do_setpag() if compiled with
AFS-support no matter which authentication method is used.
Maybe I'm missing something but shouldn't it only get a pag, if
AFS-token-passing is used?
If password authentication is used, an AFS-pam-module (or the authenticate
function on AIX) will do the job, otherwise, no token can be
obtained and therefore no
2019 Aug 01
2
Working with PAM stages
Hi,
I?m trying to develop a PAM module with OpenSSH, and I realized I need to
retrieve something in a later stage that was saved in another previous
stage. As far as my tests on OpenSSH 7.6 go, the password auth route goes
through PAM auth, account, session, and the session stage is in a different
UNIX process from the process where auth and account take place. For the
key auth route, auth stage
2004 Jan 26
6
OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos
Rather then implementing kafs in MIT Kerberos, I would like to
suggest an alternative which has advantages to all parties.
The OpenSSH sshd needs to do two things:
(1) sets a PAG in the kernel,
(2) obtains an AFS token storing it in the kernel.
It can use the Kerberos credentials either obtained via GSSAPI
delegation, PAM or other kerberos login code in the sshd.
The above two
2008 May 27
6
Openssh + AFS
The native authentication methods of openssh are
(not counting insecure RhostsRSAAuthentication)
1) public key
2) password
For users with home dirs in AFS space, method 1) does not work.
Except with (non foolproof) fiddling on the access controls within
the home directory. This might lead to security issues when done
by inexperienced users.
Without some work, only 2) remains. Being forced to send