Kerberos
	- Centralized authentication system

	Getting tickets:
		$ kinit
			Get tickets to your default user/realm
		$ kinit USER@REALM
			Get tickets for a specific user and realm
			eg. $ kinit bovik@CS.CMU.EDU
	Listing tickets
		$ klist
	Installing/configuring Kerberos
		General instructions:
			Install the Kerberos5 client from your distro's
			repositories. Configuration should then be as simple
			as adding the line:
				default_realm = ANDREW.CMU.EDU
			Under '#:[libdefaults]' in /etc/krb5.conf
		Debian/Ubuntu:
			# apt-get install krb5-user krb5-config krb5-clients
			# dpkg-reconfigure krb5-config
			When prompted for a default realm, enter ANDREW.CMU.EDU
			(or whatever your favorite realm is)

	Kerberos authentication in ssh
		Simply need to configure your ssh client to use the
		proper authentication scheme.
		Edit ~/.ssh/config to include the following lines:
		(obviously, relpcae ANDREWID with your AndrewID)
host *.cmu.edu
user ANDREWID
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes

	Additional resources:
		How Kerberos actually works:
		(a lot of this was poorly covered for the sake of brevity)
			http://en.wikipedia.org/wiki/Kerberos_(protocol)#Protocol
		How to use Kerberos:
		(this is intended primarily for cs.cmu.edu users,
		but is easily generalized)
			http://www.cs.cmu.edu/~help/accounts_passwords/kerberos.html


AFS
	- A distributed networked file system

	- Cells mounted at /afs/CELLNAME
	- Useful cmu directories:
		/afs/andrew.cmu.edu/user/ANDREWID
		/afs/andrew.cmu.edu/user/ANDREWID/www
			Access via http at: http://www.contrib.andrew.cmu.edu/~ANDREWID
		/afs/andrew.cmu.edu/course/
	- List permissions:
		fs la
	- Set permissions:
		fs sa ./ [user or group] [flags]
	- Permission flags:
		r	read			read files in the directory
		w	write			write to existing files
		k	lock			allow programs to place locks on files
		l	lookup			list contents of directory
		i	insert			add files or subdirectories
		d	delete			delete files or subdirectories
		a	administer		edit the acl for this directory
	- Groups:
		- Names have the form [owner]:[identifier]
			eg ccpresea:friends
		- Creation:
			pts creategroup [owner]:[identifier]
		- Add user:
			pts adduser [user] [groupname]
		- Remove user:
			pts removeuser [user] [groupname]
		- Listing membership:
			pts membership [groupname]

	- Tokens:
		- Generated automagically when you log into an Andrew machine
		- Get them manually:
			aklog REALM
				eg. aklog club.cc.cmu.edu

	Additional resources:
		A very detailed guide on how to use afs:
		(again, this is intended only for cs.cmu.edu users, but
		the information is easily generalized)
			http://www.cs.cmu.edu/~help/afs/index.html