[1182] in linux-security and linux-alert archive
Re: [linux-security] Re: GSSAPI for Linux (follow up..)
daemon@ATHENA.MIT.EDU (Marc Ewing)
Fri Sep 27 17:31:51 1996
To: Malcolm Beattie <mbeattie@sable.ox.ac.uk>
cc: morgan@parc.power.net (Andrew G. Morgan),
linux-security@tarsier.cv.nrao.edu
In-reply-to: <199609200857.JAA16865@sable.ox.ac.uk> from Malcolm Beattie
<mbeattie@sable.ox.ac.uk> on Fri, 20 Sep 1996 09:57:00 BST.
Date: Fri, 20 Sep 1996 11:54:43 -0400
From: Marc Ewing <marc@redhat.com>
Malcolm Beattie <mbeattie@sable.ox.ac.uk> writes:
> I am going to put up an RPM for K5beta7 RSN. I prepared one for
> beta6 and the binary RPM came out at slightly over a megabyte
> (thanks to --enable-shared working nicely). I mailed RedHat a
> couple of weeks or so ago asking them to add the Kerberos ports
> to /etc/services (in the "setup" RPM) but they haven't replied yet.
> That means you have to manually append to /etc/services (on the
> client side, kshell needs to be in there for rsh to work). Apart
> from that, a single "rpm -i" and everything works fine (well it
> did with beta6 but beta7 seems to have broken credential forwarding
> for some reason).
Our next release (and probably the Rembrandt beta -- I haven't checked),
will have the following entried in /etc/secrives:
kerberos 88/udp kdc # Kerberos authentication--udp
kerberos 88/tcp kdc # Kerberos authentication--tcp
klogin 543/tcp # Kerberos authenticated rlogin
kshell 544/tcp cmd # and remote shell
kerberos-adm 749/tcp # Kerberos 5 admin/changepw
kerberos-adm 749/udp # Kerberos 5 admin/changepw
kerberos-sec 750/udp # Kerberos authentication--udp
kerberos-sec 750/tcp # Kerberos authentication--tcp
kerberos_master 751/udp # Kerberos authentication
kerberos_master 751/tcp # Kerberos authentication
krb5_prop 754/tcp # Kerberos slave propagation
kpop 1109/tcp # Pop with Kerberos
eklogin 2105/tcp # Kerberos encrypted rlogin
krb524 4444/tcp # Kerberos 5 to 4 ticket xlator
Should anything else be there?
-Marc