This is an old revision of the document!
Table of Contents
AFS configuration on self-administrated computers
Linux
Debian / Ubuntu and its derivatives
add-apt-repository -y "ppa:openafs/stable" apt-get update && apt-get upgrade
Type into the terminal window:
sudo apt-get install heimdal-clients openafs-client openafs-krb5
During the installation you'll be prompted to enter the 'Default Realm' of Kerberos. Enter in CAPITALS! please: MATH.UNI-HAMBURG.DE
. Furthermore you need to enter the 'Default cell' of AFS. In small letters please enter: math.uni-hamburg.de
.
After a reboot of the computer, AFS will start automatically, although it's possible to manually start the AFS service by typing the following into a terminal window:
sudo service openafs-client start
If you need the AFS only seldom and you DON'T want it to be started automatically with the system, you can deactivate it with the following command-line
sudo sed -i "s/AFS_CLIENT=true/AFS_CLIENT=false/" /etc/openafs/afs.conf.client
To start the AFS at need, you then need a force-start
:
sudo service openafs-client force-start
To access to the AFS, you first need to obtain a Kerberos ticket and an AFS token. Please enter the following commands into a terminal window:
kinit <identifier>
e.g. kinit fmnv165 (for Kerberos ticket)aklog
(for AFS token)
If for any reasons the 'Default Realm' and / or 'Default Cell' should be different from those mentioned above, you can use the long versions of the commands. In a terminal window please enter the following:
kinit <Kennung>@MATH.UNI-HAMBURG.DE
z.B. kinit fmnv165@MATH.UNI-HAMBURG.DEaklog math.uni-hamburg.de
Windows
Please note: This 'how-to' refers to the 64-bit version of Windows
- Download of the most recent Heimdal: (Heimdal 64-bit and 32-bit)
- Installation of
Heimdal-AMD64-full-1-5-100-930.msi
orHeimdal-AMD64-full-1-6-2-0.msi
Keep the default settings
Modify the file C:\ProgramData\Kerberos\krb5.conf
(Kerberos configuration)
- krb5.conf
[libdefaults] default_realm = MATH.UNI-HAMBURG.DE allow_weak_crypto = true clockskew = 300
- Download of the most recent Network Identity Managers
- Installation of
netidmgr-AMD64-rel-2_0_102_907.msi
Custom Settings:- Keystore → “Entire Feature unavailable”
- Download of the most recent OpenAFS: (64-bit OpenAFS plus 32-bit Tools)
- Installation of
openafs-en_US-64bit-1-7-3200.msi
Custom Settings:- Authentication for AFS → “Will be installed”
- Client configuration tool → “Will be installed”
- Default Cell: “math.uni-hamburg.de”
- Integrated Login: “Enable”
Do not restart the computer at this point.
- Download of the most recent OpenAFS-tools: (32-bit tools MSI installer)
- Installation of
openafs-32bit-tools-en_US-1-7-3200.msi
- Keep standard configuration
Now restart the computer.
Mac OS X
- Download of the most recent AFS version corresponding to the Mac OS X version:
- for 10.8: OpenAFS-1.6.5-MountainLion.dmg
- for 10.9: OpenAFS-1.6.11-Mavericks.dmg
- for 10.10: OpenAFS-1.6.14-Yosemite.dmg
- for 10.11: (there is currently no compatible AFS-Installer for El Capitan!)
- Open the .dmg file and install the contained .pkg file
Please enter during installation (Cell): math.uni-hamburg.de - Save the file krb5.conf into the home directory (WITHOUT the .txt extension, Safari might ask for this)
- As Root user copy this file (in a terminal window) to /etc/krb5.conf
sudo cp ~/krb5.conf /etc/krb5.conf
- Click onto the “Apple”-symbol at upper left corner → System Settings → Other → OpenAFS
- AFS Menu
- Backgrounder (responsible for monitoring the AFS-Tokens)
- use aklog
- get credential at login time (if desired)
- To see a link to the AFS on the Desktop, you have to open the settings of the Finder in the section “Show these items on the desktop” and set a checkmark near “Connected Servers”
Access to files in the AFS is for example via sftp on the command-line possible:
e.g. for the private Department-Website:
sftp <kennung>@unix4.math.uni-hamburg.de
connect with the Server
cd public_html
change into the correct directory
ls -al
list directory
get index.html
fetch the file
Edit the file index.html e.g. in TextWrangler - you can leave the Terminal with the sftp open
put index.html
Upload the modified file
bye
end SFTP