[52505] in North American Network Operators' Group
Re: Security Practices question
daemon@ATHENA.MIT.EDU (alex@yuriev.com)
Thu Oct 3 13:11:00 2002
Date: Thu, 3 Oct 2002 13:11:16 -0400 (EDT)
From: alex@yuriev.com
To: just me <matt@snark.net>
Cc: Scott Francis <darkuncle@darkuncle.net>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.33L0.0210030950140.26561-100000@pants.snark.net>
Errors-To: owner-nanog-outgoing@merit.edu
>
> You still haven't given me a single example of what these "problems"
> are. Just hand-waving and talk about the "right" way is.
It is rather simple and had been addressed lots of times. I really fail to
understand why people do keep re-inventing the wheel.
Give your admins crypto cards. Make sure that crypto-card service talks
GSS-API.
Have a GSS-API service provider.
Configure all your systems to use the GSSAPI interface.
So, why are we re-inventing the wheel again?
Alex
P.S. Don't claim that crypto cards are expensive. If you have 40000 Unix
machines, you can AFFORD to give everyone a crypto card.