Csdcf

content for csdcf people

Accessing AFS from corn,myth

Usenet

Important changes to Usenet. news.stanford.edu was retired on September 1, 2009. The Computer Science department has implemented a replacement server—usenet.stanford.edu.
Note: newsreader server name change required.

Privileged Access Policy

Privileged Access (i.e., root or root equivalents) for machines managed by CSD-CF are bestowed to those who need it via the sudo command (sudo is short for "SUperuser DO"). To use it, simply prefix the command you want to run as root with "sudo". For example:

 sudo /sbin/reboot

sudo will ask you to authenticate yourself by typing in your password. sudo remembers your password for five minutes after the last sudo command you ran, so that you don't have to continually enter your password.

AFS client & Kerberos installation

AFS for 32 bit Windows7:

  • Login Windows as an administrator.  Download OpenAFS from http://www.openafs.org Choose the OpenAFSforWindows-version.exe and install it. 

AFS for 64 bit Windows7:

Firewall

CS (Gates) does not use the Stanford firewall, but the AI and Theory subnets within Gates have access control lists on them to restrict access to specific machines and protocols.

Password Tips

  • Use a different password in each authentication realm (CSID, SUNetID, BofA, SFCU, GMail, etc)
  • Passwords should not contain words, birth dates, pets' names, spouse names, and should be at least 8 characters long.
  • Passwords should contain non-alphanumeric characters.
  • You should not share your passwords with anyone, not even Computer Facilities.

Batch And Cron Jobs

This document describes how to use cron and other non-interactive systems to run programs on computers using AFS in Stanford Computer Science Department. Some familiarity with AFS is assumed.

One of the advantages of using AFS is that it offers strong protection for files by requiring Kerberos authentication and access-control list permissions in order to access files. The downside to this strong security is that it is more difficult to run programs that do not interact with anyone, such as daemons, mail delivery agents, and cron jobs.

Syndicate content