Configuring CentOS 5 for SSH and Kerberos

Get the krb5.conf

CentOS has the Kerberos tools installed by default. So no need to install those. First we'll need the krb5.conf configuration file. We probably don't need the whole configuration prepared by the CS, but it doesn't hurt to have it around either. Let's steal the file from hulk (sorry, you'll still have to login with a password):

sudo scp your_cs_id@hulk:/etc/krb5.conf /etc/krb5.conf

If you are running as root, you can omit the sudo prefix.

Install AFS tools

OpenAFS repos seem to have a wrong checksum file, so let's get the files we need manually:

curl -O http://dl.openafs.org/dl/openafs/1.6.1/rhel-5/x86_64/openafs-krb5-1.6.1-1.el5.x86_64.rpm
curl -O http://dl.openafs.org/dl/openafs/1.6.1/rhel-5/x86_64/openafs-1.6.1-1.el5.x86_64.rpm

Now install those files:

sudo rpm -Uvh openafs-krb5-1.6.1-1.el5.x86_64.rpm openafs-1.6.1-1.el5.x86_64.rpm

And finally, create a configuration file for the AFS tools:

sudo mkdir /usr/vice
sudo mkdir /usr/vice/etc
sudo vim /usr/vice/etc/ThisCell

Copy the following line into file ThisCell:

cs.stanford.edu

Configure the SSH client

Open the SSH client configuration file:

sudo vim /etc/ssh/ssh_config

And make sure that the following is set:

Host *
   GSSAPIAuthentication yes
   GSSAPIDelegateCredentials yes