Site Overview

Workstations, file servers and compute servers in our facility are integrated into a single network environment supporting such services as Kerberos, for security, and OpenAFS, for distributed file sharing. Our goal is to provide the user with a single integrated environment.

Currently, each user's credentials (passwords and tickets) are securely shared among all systems via Kerberos. Kerberos is an authentication system for network and host-based services. Once you have been authenticated to the Kerberos server, an encrypted ticket is automatically used to provide authentication to other hosts and services, such as ftp, telnet and email. This, along with the ability to encrypt sessions, provides enhanced network security.

User data (home directories and mass storage files) are not only shared via OpenAFS, but protected via Kerberos. OpenAFS is a distributed file system with the ability to span great distances and large network delays (it is truly global), support of local file caching for increased performance, and greater control of file permissions via Access Control Lists (ACLs). Users are authenticated to OpenAFS via Kerberos. If the pathname of a file or directory starts with '/afs', then it is part of AFS space and authentication is automatic.

If you have previous Kerberos or OpenAFS experience, you may find differences between this and other sites as we have modified both products.

This Is An Official U.S. Navy Website.

United States Naval Research Laboratory 4555 Overlook Ave., SW Washington, DC 20375