From fd948523cd8634a44c05b71c49edefeddd7681fa Mon Sep 17 00:00:00 2001
From: Konrad Bucheli <konrad.bucheli@psi.ch>
Date: Mon, 25 Nov 2024 13:31:10 +0100
Subject: [PATCH] tell about gssproxy

---
 admin-guide/configuration/files/central_storage_mount.md | 5 ++++-
 admin-guide/configuration/files/mount.md                 | 6 +++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/admin-guide/configuration/files/central_storage_mount.md b/admin-guide/configuration/files/central_storage_mount.md
index 2cba841d..b34e090c 100644
--- a/admin-guide/configuration/files/central_storage_mount.md
+++ b/admin-guide/configuration/files/central_storage_mount.md
@@ -17,7 +17,10 @@ On workstation type systems this is enabled by default starting with RHEL9
 
 ## Adding a Share
 
-For a new or exsting share find a suitable path below `/psi.ch/group` or  `/psi.ch/project` and inform Peter Huesser or the [Linux Core Group](mailto:linux-eng@psi.ch)
+For a new or exsting share find a suitable path below `/psi.ch/group` or  `/psi.ch/project` and inform the [NAS Team](cits2-nas@psi.ch) or the [Linux Core Group](mailto:linux-eng@psi.ch).
+
+## Kerberos and Permanent Running Software
+Checkout [Permanent Kerberos with gssproxy and Password Keytab](../basic/gssproxy_with_keytab) if you want to access this, e.g. with background processes without having to type passwords (`kinit`) regularly.
 
 
 ## Debugging
diff --git a/admin-guide/configuration/files/mount.md b/admin-guide/configuration/files/mount.md
index 72eccdfa..e476c22d 100644
--- a/admin-guide/configuration/files/mount.md
+++ b/admin-guide/configuration/files/mount.md
@@ -59,7 +59,7 @@ mounter::mounts:
   - 'controls'
 ```
 
-Ideally use NFSv4 (option `nfsvers=4.2`) and Kerberos authentication (option `sec=krb5`) is used. For Kerberos please contact the Linux Core Group for support. We managed to get it running experimentally, but it might not run yet automatically from Puppet. And of course also the NetApp side needs to be prepared accordingly.
+Ideally use NFSv4 (option `nfsvers=4.2`) and Kerberos authentication (option `sec=krb5`) is used. And of course also the NetApp side needs to be prepared accordingly.
 
 Following options are possible for `sec`:
 - `sys` client enforces access control (default on NFS3)
@@ -72,6 +72,8 @@ NFS and Kerberos also needs ID mapping, which is automatically configured to the
 nfs_idmap::domain: 'ethz.ch'
 ```
 
+Checkout [Permanent Kerberos with gssproxy and Password Keytab](../basic/gssproxy_with_keytab) if you want to access a Kerberos protected share, e.g. with background processes without having to type passwords (`kinit`) regularly.
+
 ## CIFS
 
 ### CIFS with Multiuser Option and Kerberos
@@ -107,6 +109,8 @@ mounter::mounts:
 This only works if `everybody` has read access to the share itself, but that is not needed for subfolders.
 Else you need a password as below or a keytab (here feel free to ask the Linux Group for support).
 
+Checkout [Permanent Kerberos with gssproxy and Password Keytab](../basic/gssproxy_with_keytab) if you want to access a Kerberos protected share, e.g. with background processes without having to type passwords (`kinit`) regularly.
+
 ### CIFS with User and Password
 
 Remote CIFS mountpoints can be defined as follows: