ansantam · February 15, 2023 08:10 · Feb 26, 2015 · Feb 26, 2015 · Jan 28, 2015 · Dec 1, 2014
diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -3,7 +3,7 @@ CERN Hacks
 This Gist is a guide on how to setup your computer at CERN with __Ubuntu 14.04 LTS__. 
 Last tested by myself on a brand new computer on __18/11/2014__, proof tested by @[Alea88](https://github.com/Alea88).
 
-#### NOTE
+#### NOTE (26-02-2015)
 With the kernel upgrade from 3.13.0-45-generic to 3.13.0-46-generic AFS stops working:
 https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1423151
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -3,6 +3,25 @@ CERN Hacks
 This Gist is a guide on how to setup your computer at CERN with __Ubuntu 14.04 LTS__. 
 Last tested by myself on a brand new computer on __18/11/2014__, proof tested by @[Alea88](https://github.com/Alea88).
 
+#### NOTE
+With the kernel upgrade from 3.13.0-45-generic to 3.13.0-46-generic AFS stops working:
+https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/1423151
+
+Type this to check your kernel version:
+
+```
+uname -r
+```
+
+To revert the change in your system, type:
+
+```
+sudo apt-get remove 3.13.0-46-generic
+sudo update-grub
+```
+
+Then restart your computer.
+
 ### How To Acces AFS 
 
 #### Step 1: install packages

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -1,4 +1,3 @@
-
 CERN Hacks
 ----------
 This Gist is a guide on how to setup your computer at CERN with __Ubuntu 14.04 LTS__. 
@@ -222,7 +221,18 @@ git clone git://github.com/scipy/scipy.git scipy
 cd scipy
 sudo python setup.py install
 ```
+```
+git clone git://github.com/pydata/pandas.git
+cd pandas
+sudo python setup.py install
+```
 
+```
+git clone git://github.com/mwaskom/seaborn.git
+cd seaborn
+sudo python setup.py install
+
+```
 - Install pip
 ```
 sudo apt-get install python-pip

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -186,11 +186,9 @@ git config --global color.ui auto
 
 - Download Python
 ```
-wget http://python.org/ftp/python/2.7.8/Python-2.7.8.tgz
-```
-
-- Untar it, acces the folder and
-```
+sudo wget http://python.org/ftp/python/2.7.8/Python-2.7.8.tgz
+tar zxf Python-2.7.8.tgz -C ~/software
+cd ~/software/Python-2.7.8
 ./configure
 make
 sudo make install
@@ -211,7 +209,7 @@ sudo python setup.py install
 ```
 
 ```
-wget http://cython.org/release/Cython-0.21.1.tar.gz
+sudo wget http://cython.org/release/Cython-0.21.1.tar.gz
 tar zxf Cython-0.21.1.tar.gz -C ~/software
 cd ~/software/Cython-0.21.1
 sudo python setup.py install
@@ -225,12 +223,11 @@ cd scipy
 sudo python setup.py install
 ```
 
-
-
 - Install pip
 ```
 sudo apt-get install python-pip
 ```
+__WARNING!__: _sudo apt-get install_ installs the packages in __/usr/lib/python2.7__ and _pip install_ in __/usr/local/lib/python2.7__. If you mix up both installation methods it will give problems, so it's better to use pip only in your virtual environment.
 
 - Instal virtual environments (click [here](https://gist.github.com/KFubuki/17d724d224bd97a0f20f#virtual-environment) to see how it works)
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -210,6 +210,13 @@ cd numpy
 sudo python setup.py install
 ```
 
+```
+wget http://cython.org/release/Cython-0.21.1.tar.gz
+tar zxf Cython-0.21.1.tar.gz -C ~/software
+cd ~/software/Cython-0.21.1
+sudo python setup.py install
+```
+
 ```
 sudo apt-get install libblas-dev
 sudo apt-get install liblapack-dev
@@ -218,12 +225,7 @@ cd scipy
 sudo python setup.py install
 ```
 
-```
-wget http://cython.org/release/Cython-0.21.1.tar.gz
-tar zxf Cython-0.21.1.tar.gz -C ~/software
-cd ~/software/Cython-0.21.1
-sudo python setup.py install
-```
+
 
 - Install pip
 ```

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -220,7 +220,8 @@ sudo python setup.py install
 
 ```
 wget http://cython.org/release/Cython-0.21.1.tar.gz
-cd Cython-0.21.1
+tar zxf Cython-0.21.1.tar.gz -C ~/software
+cd ~/software/Cython-0.21.1
 sudo python setup.py install
 ```
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -196,10 +196,32 @@ make
 sudo make install
 ```
 
-- Install important things
+- Install important things from source
 
 ```
-sudo apt-get install python-numpy python-scipy python-matplotlib ipython ipython-notebook python-pandas python-sympy python-nose
+git clone git://github.com/matplotlib/matplotlib.git
+cd matplotlib
+sudo python setup.py install
+```
+
+```
+git clone git://github.com/numpy/numpy.git numpy
+cd numpy
+sudo python setup.py install
+```
+
+```
+sudo apt-get install libblas-dev
+sudo apt-get install liblapack-dev
+git clone git://github.com/scipy/scipy.git scipy
+cd scipy
+sudo python setup.py install
+```
+
+```
+wget http://cython.org/release/Cython-0.21.1.tar.gz
+cd Cython-0.21.1
+sudo python setup.py install
 ```
 
 - Install pip
@@ -213,6 +235,8 @@ sudo apt-get install python-pip
 sudo pip install virtualenv
 ```
 
+
+
 ### Installing Adobe Reader and setting it as default
 
 Download Adobe Reader (32 bit) from the Adobe site: ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/AdbeRdr9.5.5-1_i386linux_enu.deb

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -246,15 +246,8 @@ sudo apt-get install texlive-latex-bas
 ```
 
 - TexLive
-
-Get the source, untar it: http://ftp.gnu.org/pub/gnu/auctex/auctex-11.88.tar.gz
-
-```
-./install-tl
-Enter command: i
-```
-
-Add /usr/local/texlive/2014/bin/x86_64-linux to your path
-
+``
+https://github.com/scottkosty/install-tl-ubuntu
+``
 
 
diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -220,9 +220,16 @@ Download Adobe Reader (32 bit) from the Adobe site: ftp://ftp.adobe.com/pub/adob
 sudo dpkg -i --force-architecture AdbeRdr9.5.5-1_i386linux_enu.deb
 sudo apt-get -f install
 sudo apt-get install libxml2:i386 lib32stdc++6
+```
+To set it as the default program to open pdfs:
+``
 mimeopen -d *.pdf
+``
+
+Open a document for the first time:
+``
 acroread <path>/<MyDocument>.pdf
-```
+``
 
 ### Things to install
 
@@ -238,7 +245,7 @@ acroread <path>/<MyDocument>.pdf
 sudo apt-get install texlive-latex-bas
 ```
 
--TexLive
+- TexLive
 
 Get the source, untar it: http://ftp.gnu.org/pub/gnu/auctex/auctex-11.88.tar.gz
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -247,5 +247,7 @@ Get the source, untar it: http://ftp.gnu.org/pub/gnu/auctex/auctex-11.88.tar.gz
 Enter command: i
 ```
 
+Add /usr/local/texlive/2014/bin/x86_64-linux to your path
+
 
 
diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -238,5 +238,14 @@ acroread <path>/<MyDocument>.pdf
 sudo apt-get install texlive-latex-bas
 ```
 
+-TexLive
+
+Get the source, untar it: http://ftp.gnu.org/pub/gnu/auctex/auctex-11.88.tar.gz
+
+```
+./install-tl
+Enter command: i
+```
+
 
 
diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -232,8 +232,11 @@ acroread <path>/<MyDocument>.pdf
 - Atom (click [here](https://www.computersnyou.com/3254/install-atom-editor-ubuntu-14-04/))
 - Subversion
 - Terminator
+- Pdflatex
 
-
+```
+sudo apt-get install texlive-latex-bas
+```
 
 
 
diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -215,11 +215,13 @@ sudo pip install virtualenv
 
 ### Installing Adobe Reader and setting it as default
 
+Download Adobe Reader (32 bit) from the Adobe site: ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/AdbeRdr9.5.5-1_i386linux_enu.deb
 ```
-cd ~/Downloads && wget -c http://ardownload.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/AdbeRdr9.5.5-1_i386linux_enu.deb
-sudo dpkg -i AdbeRdr9.5.5-1_i386linux_enu.deb
-sudo apt-get install -f
+sudo dpkg -i --force-architecture AdbeRdr9.5.5-1_i386linux_enu.deb
+sudo apt-get -f install
+sudo apt-get install libxml2:i386 lib32stdc++6
 mimeopen -d *.pdf
+acroread <path>/<MyDocument>.pdf
 ```
 
 ### Things to install

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -213,6 +213,15 @@ sudo apt-get install python-pip
 sudo pip install virtualenv
 ```
 
+### Installing Adobe Reader and setting it as default
+
+```
+cd ~/Downloads && wget -c http://ardownload.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/AdbeRdr9.5.5-1_i386linux_enu.deb
+sudo dpkg -i AdbeRdr9.5.5-1_i386linux_enu.deb
+sudo apt-get install -f
+mimeopen -d *.pdf
+```
+
 ### Things to install
 
 - Chrome

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -2,7 +2,7 @@
 CERN Hacks
 ----------
 This Gist is a guide on how to setup your computer at CERN with __Ubuntu 14.04 LTS__. 
-Last tested by myself on a brand new computer on __18/11/2014__, proof tested by @Alea88.
+Last tested by myself on a brand new computer on __18/11/2014__, proof tested by @[Alea88](https://github.com/Alea88).
 
 ### How To Acces AFS 
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -1,8 +1,8 @@
 
 CERN Hacks
 ----------
-This Gist is a guide on how to setup your brand new computer at CERN with __Ubuntu 14.04 LTS__. 
-Last tested on __17/11/2014__.
+This Gist is a guide on how to setup your computer at CERN with __Ubuntu 14.04 LTS__. 
+Last tested by myself on a brand new computer on __18/11/2014__, proof tested by @Alea88.
 
 ### How To Acces AFS 
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -126,7 +126,7 @@ sudo service ntp restart
 My way of obtaining my credentials is adding the following line in my __.bash_aliases__ file: 
 
 ```
-alias afs="kdestroy && kinit -kt .keytab ansantam -l 7d -r 1d ; aklog CERN.CH"
+alias afs="kdestroy && kinit -kt /etc/krb5.keytab ansantam -l 7d -r 1d ; aklog CERN.CH"
 ```
 Like this I can obtain the credentials only by typping __"afs"__ in the console.
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -21,7 +21,7 @@ sudo apt-get install krb5-config
 
 #### Step 2: generate your keytab
 
-Make sure that you don't have any .keytab created yet. If so, erase it. If you want to check whats in your keytab type:
+Make sure that you don't have any __.keytab__ created yet. If so, erase it. If you want to check whats in your keytab type:
 
 ```
 $ ktutil
@@ -42,7 +42,7 @@ See if your keytab works:
 kinit -kt .keytab ansantam
 ```
 
-If nothing appears in your prompt, it works. Move your .keytab file to __/etc/__ and rename it krb5.keytab.
+If nothing appears in your prompt, it works. Move your __.keytab__ file to __/etc/__ and rename it __krb5.keytab__.
 
 #### Step 3: use "cern.ch" as default AFS cell
 

diff --git a/Ubuntu_at_CERN.md b/Ubuntu_at_CERN.md
@@ -28,22 +28,21 @@ $ ktutil
 ktutil: read_kt path_to_keytab/name_of_keytab
 ktutil: list
 ```
-
-Go to __/etc/__ and execute this commands, with your username:
+Execute this commands, with your username:
 ```
 $ ktutil
 ktutil: addent -password -p [email protected] -k 1 -e aes256-cts
 ktutil: addent -password -p [email protected] -k 1 -e arcfour-hmac-md5
-ktutil: wkt krb5.keytab
+ktutil: wkt .keytab
 ktutil: q
 ```
 
 See if your keytab works:
 ```
-kinit -kt krb5.keytab ansantam
+kinit -kt .keytab ansantam
 ```
 
-If nothing appears in your prompt, it works.
+If nothing appears in your prompt, it works. Move your .keytab file to __/etc/__ and rename it krb5.keytab.
 
 #### Step 3: use "cern.ch" as default AFS cell
 

diff --git a/Ubuntu_at_CERN → Ubuntu_at_CERN.md b/Ubuntu_at_CERN → Ubuntu_at_CERN.md
diff --git a/HowTo_AFS_from_Linux.markdown → Ubuntu_at_CERN b/HowTo_AFS_from_Linux.markdown → Ubuntu_at_CERN
@@ -1,7 +1,7 @@
 
 CERN Hacks
 ----------
-This repository is a guide on how to setup your brand new computer at CERN with __Ubuntu 14.04 LTS__. 
+This Gist is a guide on how to setup your brand new computer at CERN with __Ubuntu 14.04 LTS__. 
 Last tested on __17/11/2014__.
 
 ### How To Acces AFS 
@@ -40,7 +40,7 @@ ktutil: q
 
 See if your keytab works:
 ```
-kinit -kt .keytab ansantam
+kinit -kt krb5.keytab ansantam
 ```
 
 If nothing appears in your prompt, it works.

diff --git a/HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux.markdown
@@ -1,8 +1,13 @@
-How to connect to AFS from your Linux computer (Kerberos)
-==========================================================
 
-Step 1: install packages
-------------------------
+CERN Hacks
+----------
+This repository is a guide on how to setup your brand new computer at CERN with __Ubuntu 14.04 LTS__. 
+Last tested on __17/11/2014__.
+
+### How To Acces AFS 
+
+#### Step 1: install packages
+
 
 Download the following:
 
@@ -14,14 +19,22 @@ sudo apt-get install krb5-user
 sudo apt-get install krb5-config
 ```
 
-Step 2: generate your keytab
-----------------------------
+#### Step 2: generate your keytab
+
+Make sure that you don't have any .keytab created yet. If so, erase it. If you want to check whats in your keytab type:
 
+```
+$ ktutil
+ktutil: read_kt path_to_keytab/name_of_keytab
+ktutil: list
+```
+
+Go to __/etc/__ and execute this commands, with your username:
 ```
 $ ktutil
 ktutil: addent -password -p [email protected] -k 1 -e aes256-cts
 ktutil: addent -password -p [email protected] -k 1 -e arcfour-hmac-md5
-ktutil: wkt .keytab
+ktutil: wkt krb5.keytab
 ktutil: q
 ```
 
@@ -32,76 +45,25 @@ kinit -kt .keytab ansantam
 
 If nothing appears in your prompt, it works.
 
-
-Step 3: automatize identification
-----------------------------------
-
-My way of obtaining my credentials is adding the following line in my __.bash_aliases__ file: 
-
-```
-alias afs="kdestroy && kinit -kt .keytab ansantam -l 7d -r 1d ; aklog CERN.CH"
-```
-Like this I can obtain the credentials only by typping __"afs"__ in the console.
-
-What all of this means:
-
-* The __"kdestroy"__ command deletes a Kerberos credentials cache file. More info [here](http://publib.boulder.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds3%2Fkdestroy.htm)
-
-* The __"kinit"__ command is used to get a Kerberos ticket. See __"kinit"__'s options [here](http://linux.die.net/man/1/kinit). We are using the keytab we just created to obtain the Kerberos ticket.
-
-* The __"aklog"__ command is used to obtain tokens for authentication to AFS. More info [here](http://docs.openafs.org/Reference/1/aklog.html).
-
-
-Step 4: renew your token automatically
---------------------------------------
-Open the file __/etc/crontab__ and add the following line:
-
-```
-@daily ID=afstoken kinit --renew
-```
-
-Step 5: use "cern.ch" as default AFS cell
------------------------------------------
+#### Step 3: use "cern.ch" as default AFS cell
 
 Open the file __/etc/openafs/ThisCell__ and add ``cern.ch`` 
 
+#### Step 4: setup kerberos5 authentication
 
-Step 6: setup kerberos5 authentication
------------------------------------------
-Open the file __/etc/krb5.conf__ and add:
-
-```
-# settings for CERN.CH realm are taken from file
-#   lxplus.cern.ch:/etc/krb5.conf
-
-[libdefaults]
-  default_realm = CERN.CH
+Open the file __/etc/krb5.conf__ and replace it by [this one](http://linux.web.cern.ch/linux/docs/krb5.conf)
 
-[realms]
-  CERN.CH = {
-    default_domain = cern.ch
-    kpasswd_server = afskrb5m.cern.ch
-    admin_server = afskrb5m.cern.ch
-    kdc = afsdb1.cern.ch
-    kdc = afsdb2.cern.ch
-    kdc = afsdb3.cern.ch
-  }
 
-[domain_realm]
-  cern.ch = CERN.CH
-  .cern.ch = CERN.CH
-```
+#### Step 5: avoiding SSH errors
 
-Step 7: avoiding SSH errors
-----------------------------
 To avoid problems when connecting to lxplus with:
 ```
 ssh user@lxplus
 ```
-open the file __/etc/ssh/ssh_config__ and be sure to uncomment the following options:
+open the file __/etc/ssh/ssh_config__ and make it look like this:
 
 ```
-Host *
+HOST lxplus*
     ForwardX11 yes
     ForwardX11Trusted no
     GSSAPITrustDNS yes
@@ -110,8 +72,16 @@ Host *
     GSSAPIDelegateCredentials yes
 ```
 
-Step 8: time sync
------------------
+#### Step 6: renew your token automatically
+
+Open the file __/etc/crontab__ and add the following line:
+
+```
+@daily ID=afstoken kinit --renew
+```
+
+#### Step 7: time sync
+
 Kerberos only works if your computer clock is in close sync (certainly within 5 minutes) with CERN time servers. 
 
 In a normal computer you can do a one-off clock sync like typing the following:
@@ -152,28 +122,106 @@ More information [here](http://service-ntp.web.cern.ch/service-ntp/clientconfig.
 sudo service ntp restart
 ```
 
-Debugging
----------
+#### Step 8: automatize identification
+
+My way of obtaining my credentials is adding the following line in my __.bash_aliases__ file: 
+
+```
+alias afs="kdestroy && kinit -kt .keytab ansantam -l 7d -r 1d ; aklog CERN.CH"
+```
+Like this I can obtain the credentials only by typping __"afs"__ in the console.
+
+What all of this means:
+
+* The __"kdestroy"__ command deletes a Kerberos credentials cache file. More info [here](http://publib.boulder.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds3%2Fkdestroy.htm)
+
+* The __"kinit"__ command is used to get a Kerberos ticket. See __"kinit"__'s options [here](http://linux.die.net/man/1/kinit). We are using the keytab we just created to obtain the Kerberos ticket.
+
+* The __"aklog"__ command is used to obtain tokens for authentication to AFS. More info [here](http://docs.openafs.org/Reference/1/aklog.html).
+
+
+#### Debugging
 
-* Restart the console so your alias set up in __Step 3__ will work.
+* Restart the console so your alias will work.
 * Restart the AFS client: ``sudo service openafs-client restart``.
-* Login with the alias you chose in __Step 3__ (make sure you get ticket and token).
-* Make sure the clocks are synced (__Step 8__).
+* Login with the alias you chose (make sure you get ticket and token).
+* Make sure the clocks are synced.
 
 
-References
-----------
+#### References
 
 * [Ome Gak](https://gist.github.com/OmeGak/9530124)
 * [linux.web.cern.ch](http://linux.web.cern.ch/linux/docs/kerberos-access.shtml)
 * [akorneev.web.cern.ch](http://akorneev.web.cern.ch/akorneev/howto/openafs.txt)
 * [Yngve's blog](http://eothred.wordpress.com/2011/05/09/cern-and-kerberos-tokens/)
 
 
+### How To Install a CERN Printer
+- Open the printer settings on your local computer.
+- Click "Add"
+- Select "Network printer" --> "LPD/LPR Host or printer"
+- Look for the name of your printer [here](https://printservice.web.cern.ch/printservice/UserTools/PrinterStatus.aspx)
+- Write __name.print.cern.ch__ in the field "Host" and __name__ in "Queue" and press "Forward"
+- Select brand and model of the printer
+- Select the duplexer if it can print both sides of the paper
+- Change the name of the printer to the original name provided by the CERN page provided above
+- Print a test page
+- Done!
+
+### How to install Spotify
+Follow this [link](https://www.evernote.com/shard/s364/sh/d9ac7567-f789-42ec-b6a9-0f323d9928d9/806834de8e8ca12bc4220251ac3ce101) to my Evernote snippet about it.
+
+### Setting up Git
+
+- Install it
+``
+sudo apt-get install git
+``
+- Activate the colors 
+``
+git config --global color.ui auto
+``
+- Create your SSH key following this [link](https://help.github.com/articles/generating-ssh-keys/)
+
+### Setting up Python
+
+- Download Python
+```
+wget http://python.org/ftp/python/2.7.8/Python-2.7.8.tgz
+```
+
+- Untar it, acces the folder and
+```
+./configure
+make
+sudo make install
+```
+
+- Install important things
+
+```
+sudo apt-get install python-numpy python-scipy python-matplotlib ipython ipython-notebook python-pandas python-sympy python-nose
+```
+
+- Install pip
+```
+sudo apt-get install python-pip
+```
 
+- Instal virtual environments (click [here](https://gist.github.com/KFubuki/17d724d224bd97a0f20f#virtual-environment) to see how it works)
 
+```
+sudo pip install virtualenv
+```
 
+### Things to install
 
+- Chrome
+- Dropbox
+- Emacs (click [here](https://github.com/KFubuki/dotfiles/tree/master/emacs) for my emacs configuration)
+- Atom (click [here](https://www.computersnyou.com/3254/install-atom-editor-ubuntu-14-04/))
+- Subversion
+- Terminator
 
 
 

diff --git a/HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux.markdown
@@ -19,7 +19,7 @@ Step 2: generate your keytab
 
 ```
 $ ktutil
-ktutil: addent -password -p ansantamCERN.CH -k 1 -e aes256-cts
+ktutil: addent -password -p ansantam@CERN.CH -k 1 -e aes256-cts
 ktutil: addent -password -p [email protected] -k 1 -e arcfour-hmac-md5
 ktutil: wkt .keytab
 ktutil: q

diff --git a/HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux.markdown
@@ -114,19 +114,43 @@ Step 8: time sync
 -----------------
 Kerberos only works if your computer clock is in close sync (certainly within 5 minutes) with CERN time servers. 
 
-I don't know if this will help for a computer within CERN, but in a normal computer you can do a one-off clock sync like this:
+In a normal computer you can do a one-off clock sync like typing the following:
 
 ```
 ntpdate ntp.ubuntu.com
 ```
 
-But it's better to install the ntp daemon, which will continuously keep your clock in accurate sync.
+For CERN you'll need to install the ntp daemon, which will continuously keep your clock in accurate sync with the CERN time servers.
 
 ```
 apt-get install ntp
 ```
 
-Afterwards follow [this link](http://service-ntp.web.cern.ch/service-ntp/clientconfig.asp).
+Then add the following lines to your __/etc/ntp.conf__ file, and comment or erase the lines for ubuntu time servers:
+```
+# CERN Client
+                   
+server 137.138.18.69 version 4 #IP-TIME-0
+server 137.138.16.69 version 4 #IP-TIME-1
+server 137.138.17.69 version 4 #IP-TIME-2
+                   
+# Disable remote access, but trust sources of time restrict default nomodify #noquery
+restrict default nomodify noquery
+
+# Allow hosts to query stats and ask for the time.
+# eg restrict 123.123.123.123 nomodify
+
+# Allow localhost to do everything.
+restrict 127.0.0.1
+
+#logconfig=all
+```
+
+More information [here](http://service-ntp.web.cern.ch/service-ntp/clientconfig.asp). Then restart the ntp service:
+
+```
+sudo service ntp restart
+```
 
 Debugging
 ---------

diff --git a/HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux.markdown
@@ -126,6 +126,8 @@ But it's better to install the ntp daemon, which will continuously keep your clo
 apt-get install ntp
 ```
 
+Afterwards follow [this link](http://service-ntp.web.cern.ch/service-ntp/clientconfig.asp).
+
 Debugging
 ---------
 

diff --git a/HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux.markdown
@@ -1,5 +1,5 @@
-How to connect to AFS from your Linux computer
-==============================================
+How to connect to AFS from your Linux computer (Kerberos)
+==========================================================
 
 Step 1: install packages
 ------------------------

diff --git a/HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux.markdown
@@ -112,7 +112,9 @@ Host *
 
 Step 8: time sync
 -----------------
-Kerberos only works if your clocks are in close sync (certainly within 5 minutes). You can do a one-off clock sync like this:
+Kerberos only works if your computer clock is in close sync (certainly within 5 minutes) with CERN time servers. 
+
+I don't know if this will help for a computer within CERN, but in a normal computer you can do a one-off clock sync like this:
 
 ```
 ntpdate ntp.ubuntu.com

diff --git a/HowTo_AFS_from_Linux → HowTo_AFS_from_Linux.markdown b/HowTo_AFS_from_Linux → HowTo_AFS_from_Linux.markdown
diff --git a/HowTo_AFS_from_Linux b/HowTo_AFS_from_Linux
@@ -0,0 +1,153 @@
+How to connect to AFS from your Linux computer
+==============================================
+
+Step 1: install packages
+------------------------
+
+Download the following:
+
+```
+sudo apt-get install openafs-client
+sudo apt-get install openafs-modules-dkms
+sudo apt-get install openafs-krb5
+sudo apt-get install krb5-user
+sudo apt-get install krb5-config
+```
+
+Step 2: generate your keytab
+----------------------------
+
+```
+$ ktutil
+ktutil: addent -password -p ansantamCERN.CH -k 1 -e aes256-cts
+ktutil: addent -password -p [email protected] -k 1 -e arcfour-hmac-md5
+ktutil: wkt .keytab
+ktutil: q
+```
+
+See if your keytab works:
+```
+kinit -kt .keytab ansantam
+```
+
+If nothing appears in your prompt, it works.
+
+
+Step 3: automatize identification
+----------------------------------
+
+My way of obtaining my credentials is adding the following line in my __.bash_aliases__ file: 
+
+```
+alias afs="kdestroy && kinit -kt .keytab ansantam -l 7d -r 1d ; aklog CERN.CH"
+```
+Like this I can obtain the credentials only by typping __"afs"__ in the console.
+
+What all of this means:
+
+* The __"kdestroy"__ command deletes a Kerberos credentials cache file. More info [here](http://publib.boulder.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds3%2Fkdestroy.htm)
+
+* The __"kinit"__ command is used to get a Kerberos ticket. See __"kinit"__'s options [here](http://linux.die.net/man/1/kinit). We are using the keytab we just created to obtain the Kerberos ticket.
+
+* The __"aklog"__ command is used to obtain tokens for authentication to AFS. More info [here](http://docs.openafs.org/Reference/1/aklog.html).
+
+
+Step 4: renew your token automatically
+--------------------------------------
+Open the file __/etc/crontab__ and add the following line:
+
+```
+@daily ID=afstoken kinit --renew
+```
+
+Step 5: use "cern.ch" as default AFS cell
+-----------------------------------------
+
+Open the file __/etc/openafs/ThisCell__ and add ``cern.ch`` 
+
+
+Step 6: setup kerberos5 authentication
+-----------------------------------------
+Open the file __/etc/krb5.conf__ and add:
+
+```
+# settings for CERN.CH realm are taken from file
+#   lxplus.cern.ch:/etc/krb5.conf
+
+[libdefaults]
+  default_realm = CERN.CH
+
+[realms]
+  CERN.CH = {
+    default_domain = cern.ch
+    kpasswd_server = afskrb5m.cern.ch
+    admin_server = afskrb5m.cern.ch
+    kdc = afsdb1.cern.ch
+    kdc = afsdb2.cern.ch
+    kdc = afsdb3.cern.ch
+  }
+
+[domain_realm]
+  cern.ch = CERN.CH
+  .cern.ch = CERN.CH
+```
+
+Step 7: avoiding SSH errors
+----------------------------
+To avoid problems when connecting to lxplus with:
+```
+ssh user@lxplus
+```
+open the file __/etc/ssh/ssh_config__ and be sure to uncomment the following options:
+
+```
+Host *
+    ForwardX11 yes
+    ForwardX11Trusted no
+    GSSAPITrustDNS yes
+    HashKnownHosts yes
+    GSSAPIAuthentication yes
+    GSSAPIDelegateCredentials yes
+```
+
+Step 8: time sync
+-----------------
+Kerberos only works if your clocks are in close sync (certainly within 5 minutes). You can do a one-off clock sync like this:
+
+```
+ntpdate ntp.ubuntu.com
+```
+
+But it's better to install the ntp daemon, which will continuously keep your clock in accurate sync.
+
+```
+apt-get install ntp
+```
+
+Debugging
+---------
+
+* Restart the console so your alias set up in __Step 3__ will work.
+* Restart the AFS client: ``sudo service openafs-client restart``.
+* Login with the alias you chose in __Step 3__ (make sure you get ticket and token).
+* Make sure the clocks are synced (__Step 8__).
+
+
+References
+----------
+
+* [Ome Gak](https://gist.github.com/OmeGak/9530124)
+* [linux.web.cern.ch](http://linux.web.cern.ch/linux/docs/kerberos-access.shtml)
+* [akorneev.web.cern.ch](http://akorneev.web.cern.ch/akorneev/howto/openafs.txt)
+* [Yngve's blog](http://eothred.wordpress.com/2011/05/09/cern-and-kerberos-tokens/)
+
+
+
+
+
+
+
+
+
+
+
No results found