[1171] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] Re: GSSAPI for Linux (follow up..)

daemon@ATHENA.MIT.EDU (Malcolm Beattie)
Fri Sep 20 11:18:27 1996

From: Malcolm Beattie <mbeattie@sable.ox.ac.uk>
To: morgan@parc.power.net (Andrew G. Morgan)
Date: Fri, 20 Sep 1996 09:57:00 +0100 (BST)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199609191800.LAA05301@parc.power.net> from "Andrew G. Morgan" at Sep 19, 96 11:00:49 am

Andrew G. Morgan writes:
> 
> I emailed a question about GSSAPI [General Security Services
> Application Program Interface] a week or two ago. Prompted by a
> request from Jeff Cook, it seemed like a good idea to make a follow up
> posting...
[...]
> Of course, Kerberos is only available within the US.

Rubbish. See, for example,
    ftp://ftp.ox.ac.uk/pub/comp/security/software/Kerberos5

I am going to put up an RPM for K5beta7 RSN. I prepared one for
beta6 and the binary RPM came out at slightly over a megabyte
(thanks to --enable-shared working nicely). I mailed RedHat a
couple of weeks or so ago asking them to add the Kerberos ports
to /etc/services (in the "setup" RPM) but they haven't replied yet.
That means you have to manually append to /etc/services (on the
client side, kshell needs to be in there for rsh to work). Apart
from that, a single "rpm -i" and everything works fine (well it
did with beta6 but beta7 seems to have broken credential forwarding
for some reason).

--Malcolm

-- 
Malcolm Beattie <mbeattie@sable.ox.ac.uk>
Unix Systems Programmer
Oxford University Computing Services

home help back first fref pref prev next nref lref last post