[1499] in Kerberos
Re: Network password system
daemon@ATHENA.MIT.EDU (Joe Pato)
Thu Aug 8 12:30:31 1991
Resent-From: pato@apollo.com (Joe Pato)
From: pato@apollo.com (Joe Pato)
Date: Fri, 2 Aug 91 09:38:16 EDT
To: strombrg@uceng.uc.edu (Dan Stromberg)
Cc: kerberos@shelby.Stanford.EDU
In-Reply-To: strombrg@uceng.uc.edu (Dan Stromberg), thu, 1 aug 91 16:50:04
Resent-To: kerberos@ATHENA.MIT.EDU
Hi.
I'm gathering information about network based password systems that
could be used under Mach - IE, it'd be nice if users could run some
command on any old machine in a given cluster (realm?) to change
their password, rather than having to log onto a server first.
The info is being gathered in part to get my MS project out of the
way (I may choose to write such a thing using Kerberos 4), and in
part because such a thing would be useful in a local RT lab.
Descriptions, or even notification, of existing systems would be
appreciated. I'm aware of yellow pages and Athena SMS, but synopses of
their design would be helpful as well. I'll summarize if there's
interest.
- Dan
You might be interested in HP's Passwd Etc product for Sun/OS, Ultrix,
Domain/OS and HP/UX. The following paper describes an earlier version of the
system as implemented on Domain/OS:
Pato J., Martin E., Davis B.,
A User Account Registration System for a Large (Heterogeneous) UNIX Network
Proceedings of the Usenix Association Winter 1988 Conference.
You would probably also be interested in obtaining information from the Open
Software Foundation about the DCE (Distributed Computing Environment). The DCE
Security component is the next generation of Passwd Etc and includes Kerberos
V5. This code currently runs on a variety of operating systems including
Domain/OS, Ultrix, AIX, HP/UX and OSF/1. I don't believe vendors have made
announcements about the commercial availability of the system, but I suspect
many vendors will provide DCE products during 1992.
-- Joe Pato
Cooperative Computing Division
Hewlett-Packard Company
pato@apollo.hp.com
-------
