AFS, or Andrew File System, is a distributed file system that was created at Carnegie Mellon University.  Here at Shippensburg University, we use a derivative of AFS called OpenAFS.  Essentially, AFS is a networked filesystem that has numerous advantages over traditional networked filesystems such as NFS: namely, its use of local caching, its expandability, and its added security.  While the average user needs to know little about AFS in order to use our systems here at Shippensburg, there could be cases where you may need to know the various commands used with AFS.  This article's purpose is mainly to give the average user enough information to adequately operate the AFS implementation at Shippensburg University.

     When you log onto a computer at Shippensburg, whether it be through SSH or physically, you will automatically be given Kerberos and AFS credentials.  However, those credentials are only valid for a limited amount of time.  Thus, if you leave your SSH or physical session logged on for a long period of time, you may end up losing your credentials.  That is normal and expected.  With AFS, your credentials are given to you in the form of "tickets."  Thus, whenever you log into one of our systems, you are authenticated and given Kerberos and AFS tickets.  To view your tickets, open up a terminal and type "klist".  This will show you the names of your tickets, and their expiration time.  Once these tickets have expired, you need to either log out and then back in, or type the following commands from the terminal.  By typing "kinit <yourusername>" you will be prompted for your password, and upon proper authentication you will be given a Kerberos ticket.  This verifies your identity by having you supply your user name and password.

     Next, type "aklog".  This takes your Kerberos ticket, and uses it to verify your identity against our AFS servers to allow you access to your files.  Whenever you log in, this process is automatically done for you, however as previously stated there may be some cases in which you need to re-verify to stay logged in for extended periods of time.  For more information regarding AFS, you are encouraged to read the documentation for OpenAFS here:

Dr. Briggs conducted a Tech Talk about OpenAFS. For more information, see Tech Talk Week 1.