Kerberos tickets and AFS tokens on macOS

Many users have access to files and directories in AFS. To be able to take advantage of this, one must authenticate oneself in Kerberos and AFS. This document describes how to manually obtain kerbero tickets and AFS tokens to be able to read and write in AFS.

To connect to your AFS home directory from home, you need to be able to authenticate yourself with Kerberos tickets, have an AFS client installed and also valid AFS tokens. How to install and set up is described elsewhere on this site.

To get Kerberos tickets

The first step is to get kerbero tickets. The easiest way is via Terminal.app.

It is located in /Applications/Utilities/Terminal.app.

Then write

  kinit yourusernameatkth@KTH.SE

You can then see your kerbero tickets and their lifespan by writing

 klist

To end the validity of the tickets, write

  kdestroy

To obtain AFS tokens

Finally, when you have kerbero tickets, you also need to be able to get valid AFS tickets, so-called "tokens", in order to be able to read and write your files that are in AFS. Open the Terminal program again and type

   aklog

to obtain valid tokens.

You may need to enter the entire path - /usr/bin/aklog

To kill tokens, you can "unlog" in a Terminal window.

Make sure you have valid tickets

To check that you have valid kerbero tickets and tokens, do the following commands in Terminal:

"klist" to see the life of your kerbero tickets.

"tokens" to see the equivalent for AFS tokens.

My employment

Support and Service

Education

Research

Organisation and Regulations

Kerberos tickets and AFS tokens on macOS

To get Kerberos tickets

To obtain AFS tokens

Make sure you have valid tickets

Contact