[1182] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] Re: GSSAPI for Linux (follow up..)

daemon@ATHENA.MIT.EDU (Marc Ewing)
Fri Sep 27 17:31:51 1996

To: Malcolm Beattie <mbeattie@sable.ox.ac.uk>
cc: morgan@parc.power.net (Andrew G. Morgan),
        linux-security@tarsier.cv.nrao.edu
In-reply-to: <199609200857.JAA16865@sable.ox.ac.uk>  from Malcolm Beattie 
 <mbeattie@sable.ox.ac.uk>  on Fri, 20 Sep 1996 09:57:00 BST.
Date: Fri, 20 Sep 1996 11:54:43 -0400
From: Marc Ewing <marc@redhat.com>

Malcolm Beattie <mbeattie@sable.ox.ac.uk> writes:
> I am going to put up an RPM for K5beta7 RSN. I prepared one for
> beta6 and the binary RPM came out at slightly over a megabyte
> (thanks to --enable-shared working nicely). I mailed RedHat a
> couple of weeks or so ago asking them to add the Kerberos ports
> to /etc/services (in the "setup" RPM) but they haven't replied yet.
> That means you have to manually append to /etc/services (on the
> client side, kshell needs to be in there for rsh to work). Apart
> from that, a single "rpm -i" and everything works fine (well it
> did with beta6 but beta7 seems to have broken credential forwarding
> for some reason).

Our next release (and probably the Rembrandt beta -- I haven't checked),
will have the following entried in /etc/secrives:

kerberos        88/udp          kdc             # Kerberos authentication--udp
kerberos        88/tcp          kdc             # Kerberos authentication--tcp
klogin          543/tcp                         # Kerberos authenticated rlogin
kshell          544/tcp         cmd             # and remote shell
kerberos-adm    749/tcp                         # Kerberos 5 admin/changepw
kerberos-adm    749/udp                         # Kerberos 5 admin/changepw
kerberos-sec    750/udp                         # Kerberos authentication--udp
kerberos-sec    750/tcp                         # Kerberos authentication--tcp
kerberos_master 751/udp                         # Kerberos authentication
kerberos_master 751/tcp                         # Kerberos authentication
krb5_prop       754/tcp                         # Kerberos slave propagation
kpop            1109/tcp                        # Pop with Kerberos
eklogin         2105/tcp                        # Kerberos encrypted rlogin
krb524          4444/tcp                        # Kerberos 5 to 4 ticket xlator

Should anything else be there?

-Marc


home help back first fref pref prev next nref lref last post