[1834] in Kerberos
Re: Kerberized ftp and telnet
daemon@ATHENA.MIT.EDU (Alan Crosswell)
Thu Mar 26 00:28:57 1992
Date: Wed, 25 Mar 1992 22:50:16 GMT
From: alan@curta.cc.columbia.edu (Alan Crosswell)
To: kerberos@shelby.Stanford.EDU
In article <1992Mar25.135913.38201@cs.cmu.edu> moore+@CS.CMU.EDU (Dale
Moore) writes:
> There is a kerberize telnet available via anonymous ftp from ftp.uu.net.
> It is in /networking/telnet.91.03.25.tar.Z.
>
> We've been using it for several months now.
>
> I like kerberized telnet over rlogin, because telnet can send over
> environment variables, such as DISPLAY, EDITOR and PRINTER.
> It negotiates speed and terminal type much more nicely than rlogin.
> From what I can tell, rlogin is pretty unflexible.
>
> I don't know of any kerberize ftp.
> I don't know if the ftp protocol is flexible enough to allow such
authentication.
> But then, it's only software.
>
> Dale Moore
There's also a kerberized telnet in the Kerberos V5 distribution which
is based on the 4.4BSD telnet/telnetd. We use it here with V4 kerberos
with a few local modifications to support access to "applications" on unix
servers where the person's holding a valid kerberos ticket is sufficient
to let them in (e.g. they don't have to be a valid local unix user). I
also added a couple more options to do things like make the service
principal name settable (rather than a hardcoded default of "rcmd.") This
is used to provide text services like front-ends to library systems,
encyclopedias, etc where the user never even realizes the service is on a
unix host (e.g. kerberized telnet to host X, port Y). This includes yet
another mod to exec some other program than /bin/login. If any of this
sounds interesting, I can package it up and make available.
/a
