W3C home > Mailing lists > Public > www-archive@w3.org > February 2007

pubkinit: delegating kerberos login to a public key

From: Dan Connolly <connolly@w3.org>
Date: Fri, 09 Feb 2007 01:22:47 -0600
To: breadcrumbs <www-archive+breadcrumbs@w3.org>
Message-Id: <1171005767.7497.606.camel@dirk>
CSAIL's storage is pretty much all AFS, which requires
shared-key login. I always forget the key, and I much
prefer public-key for scalability etc.

With pubkinit, I can use my gpg key to encrypt the
AFS/kerberos passord and store it; then when I want
to login, I use the gpg key to decrypt the shared
key. This works nicely with the gnome gpg-agent

See the authorization category in breadcrumbs

A step forward with python and sshagent, and a walk around gnome
security tools
Submitted by connolly on Wed, 2006-03-29

$ hg log --limit 10 --template '#rev#:#node|short# #date|shortdate#
2:f75ea9ff44bb 2007-01-05 cite kinit source
1:7a247b24273f 2007-01-05 login using dbus/pgp works
0:220d687c5d8b 2006-10-30 credstore.py 1.1 from

Dan Connolly, W3C http://www.w3.org/People/Connolly/
D3C2 887B 0F92 6005 C541  0875 0F91 96DE 6E52 C29E

Received on Friday, 9 February 2007 07:23:00 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:43:05 UTC