[94] in Release_7.7_team
Re: Warning: No Kerberos tickets obtained.
daemon@ATHENA.MIT.EDU (brlewis@MIT.EDU)
Fri Jun 3 12:58:59 1994
From: brlewis@MIT.EDU
Date: Fri, 3 Jun 94 12:58:24 -0400
To: jon@cam.ov.com
Cc: release-77@MIT.EDU, athena-ws@MIT.EDU
In-Reply-To: <9406031430.AA07009@kung-pao-chi-ding.aktis.com> (jon@cam.ov.com)
Date: Fri, 03 Jun 1994 10:30:09 -0400
From: "Jon A. Rochlis" <jon@cam.ov.com>
Bruce,
Pass this along if you like.
While the user's will like the prompt for tickets, it sort of negates
the whole point of a kerberos telnet, unless the session is encrypted.
If encryption is the default it makes sense, but otherwise it bothers
me.
Yes, this should only be done when using encryption. On Unix,
documentation should tell people to use -a -x (authentication and
encryption). Users shouldn't be told to use -a without using -x. I
don't know what the default is on Mac ktelnet, or on the Windows ktelnet
currently under development at some other school.
rkinit is a much better solution. V5 forwardable tickets may be the
"right" thing.
Agreed. We do have patriot's rkinitd for the dialups, but,
unfortunately, we don't have rkinit for non-Unix platforms at this time.
The Unix ktelnet can be compiled to support Kerberos V5. I don't know
about the non-unix clients.
