by William C. Benton
First, you’ll need to get some software:
(NB: These directions assume that your login name on your Mac is the same as on your CS account)
You’ll need to set up the appropriate Kerberos “realm.” At the time of this writing (10/15/2004), you can do that by executing the following command (all as one line):
sudo scp `email@example.com:/s/krb5/common/etc/krb5.conf /Library/Preferences/edu.mit.Kerberos
There is a GUI for Kerberos available in /System/Library/CoreServices/Kerberos.app. (If you’re still in the Terminal, you can launch this application with the open command. In fact, if you haven’t used open, you may want to read its man page; it is quite useful.)
If you don't want the Kerberos.app icon cluttering your Dock, fear not: Alan Halverson points out that you don't need to use the Kerberos GUI, and can instead use the kinit command in a terminal.
Test that your Kerberos setup is working by clicking on the “Get Tickets…” button and logging in with your CS username and password.
If your setup works, then you’ll be able to ssh to your workstation without a password! (That's a nice side effect.)
Double-click the OpenAFS installer package and step through the installation process. Do not reboot when it completes, but quit the installer. Then, execute the following command:
sudo echo cs.wisc.edu > /var/db/openafs/etc/ThisCell
Now you can reboot. (You can, if you desire, change your user ID to match your CS account by using the NetInfo Manager, but this is not necessary and, in my opinion, creates an enormous hassle.)
When you reboot, you’ll have an icon on your desktop for AFS
Note that this is for the entire world, so the Finder may not respond for a few minutes if you click on it. You can manually start OpenAFS if it didn't start properly for some reason: just type sudo /Library/StartupItems/OpenAFS/OpenAFS in a Terminal window. (Thanks to Kevin Moore for this tip; he noticed that AFS didn't restart properly after rebooting while not connected to any network.)
You’re not quite done yet; at this point, you only have access to public directories.
First, re-authenticate to wireless-gw if you're in the department (and if you haven't already done so). Then, get yourself a Kerberos ticket with Kerberos.app (or kinit) as described above. Finally, use the klog command from the Terminal to authenticate yourself to AFS. (If your CS username is the same as your Mac username, then you can just execute klog `whoami`.)
Now you’re done. You should be able to access your home directory (and anything else on AFS) from your Mac. If your username is pacman, then you can access your CS home directory at /afs/cs.wisc.edu/u/p/a/pacman
You can make a symbolic link to your CS home directory with a handy one-liner:
ln -s `ssh best-royal.cs.wisc.edu pwd` ~/home-at-cs
Enjoy, and good luck!
(By the way, I'm currently writing this on my Mac over AFS.)