[1171] in linux-security and linux-alert archive
Re: [linux-security] Re: GSSAPI for Linux (follow up..)
daemon@ATHENA.MIT.EDU (Malcolm Beattie)
Fri Sep 20 11:18:27 1996
From: Malcolm Beattie <mbeattie@sable.ox.ac.uk>
To: morgan@parc.power.net (Andrew G. Morgan)
Date: Fri, 20 Sep 1996 09:57:00 +0100 (BST)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199609191800.LAA05301@parc.power.net> from "Andrew G. Morgan" at Sep 19, 96 11:00:49 am
Andrew G. Morgan writes:
>
> I emailed a question about GSSAPI [General Security Services
> Application Program Interface] a week or two ago. Prompted by a
> request from Jeff Cook, it seemed like a good idea to make a follow up
> posting...
[...]
> Of course, Kerberos is only available within the US.
Rubbish. See, for example,
ftp://ftp.ox.ac.uk/pub/comp/security/software/Kerberos5
I am going to put up an RPM for K5beta7 RSN. I prepared one for
beta6 and the binary RPM came out at slightly over a megabyte
(thanks to --enable-shared working nicely). I mailed RedHat a
couple of weeks or so ago asking them to add the Kerberos ports
to /etc/services (in the "setup" RPM) but they haven't replied yet.
That means you have to manually append to /etc/services (on the
client side, kshell needs to be in there for rsh to work). Apart
from that, a single "rpm -i" and everything works fine (well it
did with beta6 but beta7 seems to have broken credential forwarding
for some reason).
--Malcolm
--
Malcolm Beattie <mbeattie@sable.ox.ac.uk>
Unix Systems Programmer
Oxford University Computing Services