Contact Us
For assistance, please email help@ece.cmu.edu
Emergency number: (412) 268-1732-
ITS Headlines
Tag Archives: unfacilitated
AFS on Unfacilitized Linux
How to install AFS on Linux and access the ece.cmu.edu AFS cell.
- Download and install the latest OpenAFS release
- Download and install the Kerberos client libraries and binaries from your distribution (likely named krb5-apps-client or krb5-client)
- Replace the contents of the file ThisCell with ece.cmu.edu (likely found in /etc/openafs/ThisCell, but check your specific package’s install location, root user privileges are needed to edit files in /etc, e.g., sudo vi /etc/openafs/ThisCell)
- Optional: Remove the option -dynroot from the OPTIONS line (this will likely be either your init script, or the setup it sources (The line to edit will likely be in your init script: /etc/init.d/openafs-client or /etc/sysconfig/openafs, it will depend on your distribution) (this allows paths like /afs/ece to be used instead of /afs/ece.cmu.edu)
- Create or update the file /etc/krb5.conf with the following contents: (This configures the kinit command for CMU’s Kerberos 5.)
[libdefaults]
default_realm = ECE.CMU.EDU
dns_fallback = yes
noaddresses = TRUE
[realms]
ECE.CMU.EDU = {
admin_server = krbadmin.ece.cmu.edu
kdc = kerberos.ece.cmu.edu
kdc = kerberos-1.ece.cmu.edu
kdc = kerberos-2.ece.cmu.edu
kdc = kerberos-3.ece.cmu.edu
}
ANDREW.CMU.EDU = {
admin_server = vice28.fs.andrew.cmu.edu
kdc = vice28.fs.andrew.cmu.edu
kdc = vice2.fs.andrew.cmu.edu
kdc = vice11.fs.andrew.cmu.edu
kdc = vice7.fs.andrew.cmu.edu
kdc = new-vice12.fs.andrew.cmu.edu
}
SCOTCH.ECE.CMU.EDU = {
kdc = lagavulin.scotch.ece.cmu.local
}
- OpenAFS and Kerberos 5 are now configured
- AFS starts at boot if a network connection is active at boot
- To start AFS manually: sudo /etc/init.d/openafs-client start
- To stop AFS manually: sudo /etc/init.d/openafs-client stop
- Kerberos tickets (which convert into AFS tokens with aklog, or afslog)
- To get ece.cmu.edu AFS tickets:
kinit username@ECE.CMU.EDU && aklog - To get andrew.cmu.edu AFS tickets:
kinit username@ANDREW.CMU.EDU &&
aklog andrew.cmu.edu -k ANDREW.CMU.EDU - To renew tickets without a password:
kinit -R && aklog - You can see all your Kerberos tickets using klist
- To get ece.cmu.edu AFS tickets:
- Kerberos: AFS Tokens only
klog username@ECE.CMU.EDU
Posted in Data Storage, Remote Access
Tagged AFS, kerberos, linux, openafs, unfacilitated, unfacilitized, unsupported.
