[53] in linux-security and linux-alert archive
Re: Secure setup for file transfer
daemon@ATHENA.MIT.EDU (warlord@MIT.EDU)
Tue Mar 7 19:32:32 1995
From: warlord@MIT.EDU
Date: Tue, 7 Mar 1995 16:55:49 -0500
To: iialan@iifeak.swan.ac.uk (Alan Cox)
Cc: linux-security@tarsier.cv.nrao.edu, jacob@jacob.remcomp.fr
In-Reply-To: "[51] in linux-security and linux-alert archive"
Reply-To: linux-security@tarsier.cv.nrao.edu
> > How does Kerberos do this? If I remember right, it uses user
> > identification, not machine identification. I suppose that putting
> > Kerberos on the MS-Windows machines is not an option. [;-)]
>
> PC/TCP seems to support kerberos
Actually, Kerberos uses entity identification, where an entity can be
a user or a service. For example, the pop service on machine
po6.mit.edu has the kerberos name pop.po6@ATHENA.MIT.EDU. When I go
to get my mail from this service, I have to authenticate myself to
this service, but I can also request that the service authenticate
back to me (mutual authentication).
You can read about this from the Kerberos docs in the directory
ftp://athena-dist.mit.edu/pub/ATHENA/kerberos/doc
-derek
--
Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
Home page: http://www.mit.edu:8001/people/warlord/home_page.html
warlord@MIT.EDU PP-ASEL N1NWH PGP key available
