[HCoop-Help] why Kerberos instead of .ssh/authorized_keys ?

Adam Chlipala adamc at hcoop.net
Wed Dec 3 09:00:48 EST 2008

I think megacz has a standard answer to this.  I don't remember if we 
have a wiki page to refer people to when they ask this (frequent) 
question.  Do we?  Ideally, someone would have answered Daniel's 
question simply by giving that URL.

Nathan Kennedy wrote:
> authorized_keys support was abandoned when we switched to AFS because our
> admins simply could not figure out how to make this feature of sshd
> compatible with our AFS setup and permissions.  There is nothing wrong with
> sshd, and this is a limitation we would rather not have, but which we have
> been living with.  It's also not something wrong with our admins, as it
> seems that greater installations than HCoop have not solved this problem.
> You are correct that kerberos is the supported alternative to ssh keys.
> -ntk
> On Wed, 26 Nov 2008 18:32:24 -0800, "Daniel Wilkerson"
> <daniel.wilkerson at gmail.com> wrote:
>> I'll bet someone has asked this before but my meta-point is that
>> finding out stuff on the hoop site is sometimes a bit challenging.
>> Anyway, why are we using Kerberos instead of .ssh/authorized_keys  to
>> allow automatic login?  Is there something wrong with ssh?

More information about the HCoop-Help mailing list