[1142] in linux-security and linux-alert archive
Re: [linux-security] GSSAPI for Linux
daemon@ATHENA.MIT.EDU (Jared Mauch)
Tue Sep 10 14:56:49 1996
From: Jared Mauch <jared@wolverine.hq.cic.net>
To: morgan@physics.ucla.edu (Andrew Morgan)
Date: Mon, 9 Sep 1996 03:58:35 -0400 (EDT)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199609071535.IAA28627@gluon.ucla.edu> from Andrew Morgan at "Sep 7, 96 08:35:34 am"
[REW: About GSSAPI:]
Yes. I use it on all my systems.
It comes with kerberos5. You can get that from
ftp://athena-dist.mit.edu/pub/ATHENA/kerberos
And when you folks try to build it and it doesn't work for
you, check all your headder files.. ;-)
It built for me on only one of my machines, all the others
needed me to fix some of my headder files.
There's only one problem, not all ftpds understand it:
220 cedar.cic.net FTP server (Version wu-2.4.2-academ[BETA-11](1) Thu Aug 29 11:24:00 EDT 1996) ready.
500 'AUTH GSSAPI': command not understood.
But others running a ftpd that understands it will show this:
wolverine:~> kinit
Password for jared@HQ.CIC.NET:
wolverine:~> ftp nic
Connected to nic.hq.cic.net.
220 nic.hq.cic.net FTP server (Version 5.60) ready.
334 Using authentication type GSSAPI; ADAT must follow
GSSAPI accepted as authentication type
GSSAPI error major: Miscellaneous failure
GSSAPI error minor: Server not found in Kerberos database
GSSAPI error: initializing context
GSSAPI authentication succeeded
Name (nic:jared):
232 GSSAPI user jared@HQ.CIC.NET is authorized as jared
230 User jared logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
-jared
[REW: Quoting trimmed.]