User Tools

Site Tools


en:user:afs:install

AFS configuration on self-administrated computers

Linux

Debian / Ubuntu and its derivatives

Under Ubuntu it can be useful to integrate a 'ppa' (private package archive) prior to the installation of OpenAFS. This package contains the most recent version of OpenAFS.
add-apt-repository -y "ppa:openafs/stable"
apt-get update && apt-get upgrade

Type into the terminal window:

sudo apt-get install heimdal-clients openafs-client openafs-krb5

During the installation you'll be prompted to enter the 'Default Realm' of Kerberos. Enter in CAPITALS! please: MATH.UNI-HAMBURG.DE. Furthermore you need to enter the 'Default cell' of AFS. In small letters please enter: math.uni-hamburg.de.

After a reboot of the computer, AFS will start automatically, although it's possible to manually start the AFS service by typing the following into a terminal window:

sudo service openafs-client start

If secure boot is enabled in BIOS, the Linux kernel can only load modules that are signed. OpenAFS cannot be signed, since it is build on your computer upon install.

If you need the AFS only seldom and you DON'T want it to be started automatically with the system, you can deactivate it with the following command-line

sudo sed -i "s/AFS_CLIENT=true/AFS_CLIENT=false/" /etc/openafs/afs.conf.client

To start the AFS at need, you then need a force-start:

sudo service openafs-client force-start

To access to the AFS, you first need to obtain a Kerberos ticket and an AFS token. Please enter the following commands into a terminal window:

  • kinit <identifier>     e.g. kinit fmnv165 (for Kerberos ticket)
  • aklog     (for AFS token)

If for any reasons the 'Default Realm' and / or 'Default Cell' should be different from those mentioned above, you can use the long versions of the commands. In a terminal window please enter the following:

  • kinit <Kennung>@MATH.UNI-HAMBURG.DE     z.B. kinit fmnv165@MATH.UNI-HAMBURG.DE
  • aklog math.uni-hamburg.de

Windows

Please note: This 'how-to' refers to the 64-bit version of Windows
Installation-programs for 32-bit Windows are available at the respective “original address”.

  • Download of the most recent Heimdal
    (original address: https://www.secure-endpoints.com/heimdal/)
  • Installation of Heimdal-AMD64-full-7-4-0-40.msi
    Keep the default settings (“Typical”)

  • Download of the most recent Network Identity Manager: (Network Identity Manager 2.5.0.106 64-bit MSI)
    (ursprüngliche Adresse: http://www.secure-endpoints.com/netidmgr/v2/)
  • Installation of netidmgr-AMD64-rel-2_0_102_907.msi
    Custom Settings:
    • Keystore → “Entire Feature unavailable”

  • Download of the most recent OpenAFS
    (original address: https://www.auristor.com/openafs/client-installer/
  • Installation of yfs-openafs-en_US-AMD64-1_7_3301.msi
    Custom Settings:
    • Default Cell: “math.uni-hamburg.de”
    • Integrated Login: “Disable”

Now restart the computer.

First Login to AFS

  • On the right side of the taskbar, there's an icon with a yellow padlock,​ which is currently overlayed with a red X. Open the Network Identity Manager (NIM) by a click on this icon
  • The NIM has on the left a symbol with a yellow sun “​Obtain New Credentials”,​ klick it.
  • Username: UHH-Account (e.g. fmsv030)
  • Realm: MATH.UNI-HAMBURG.DE (must be in capital letters)
  • Press three times ​Next ​ (The standards are mostly ok)
  • Enter the Kerberos-Passwort of the Mathematics Department
  • Click Finish

Mac OS X

There are two different clients to access the AFS filesystem. The first is the open-source OpenAFS-Client, the other is the closed-source Auristor-Client. The installation of the latter is a little bit different than shown below, but in principle similar.
When Updating the Operating System, please remember: You must uninstall the old AuriStor or OpenAFS version with the corresponding version (e.g. uninstall OpenAFS for Yosemite with the same version). After that, choose the corresponding version for your Operating System.
  • Click onto the “Apple”-symbol at upper left corner → System Settings → Other → OpenAFS
  • In the OpenAFS window, below the “Tokens” - tab set the following checkmarks (see graphic):

  • AFS Menu
  • Backgrounder (responsible for monitoring the AFS-Tokens)
  • use aklog
  • get credential at login time (if desired)
  • → When the installation is finished, a symbol in form of a small lock appears in the menu-bar at the upper right corner (see graphic). By clicking on it you can login to the AFS ('Get New Token') or watch the status of the AFS (red X: not connected to the AFS)
  • To see a link to the AFS on the Desktop, you have to open the settings of the Finder in the section “Show these items on the desktop” and set a checkmark near “Connected Servers”
Access to files in the AFS is also for example via sftp on the command-line possible:
e.g. for your private Department-Website:
sftp <kennung>@login1.math.uni-hamburg.de connect with the Server
cd public_html change into the correct directory
ls -al list directory
get index.html fetch the file
Edit the file index.html e.g. in TextWrangler - you can leave the Terminal with the sftp open
put index.html Upload the modified file
bye end SFTP
en/user/afs/install.txt · Last modified: 2024/12/12 12:36 by Gaja Peters

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki