[36738] in Kerberos
Re: question about MIT kpasswd and RPCSEC_GSS
daemon@ATHENA.MIT.EDU (Tom Yu)
Wed Jan 21 18:41:35 2015
From: Tom Yu <tlyu@mit.edu>
To: kerberos@mit.edu
Date: Wed, 21 Jan 2015 18:41:21 -0500
In-Reply-To: <20150121231728.GA27915@oracle.com> (Will Fiveash's message of
"Wed, 21 Jan 2015 17:17:28 -0600")
Message-ID: <ldvzj9bhfby.fsf@sarnath.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Will Fiveash <will.fiveash@oracle.com> writes:
> Thanks, I was looking through some older notes I made about this and the
> code and felt I had entered a maze of twisty passages that all looked
> alike. Anyway (to make sure I'm clear) it's my understanding that MIT
> back in 1.4 added support for kadmin/kadmind communication via
> RPCSEC_GSS which made MIT kadmin compatible with Solaris kadmind. My
> notes on this also implied that the MIT kpasswd was updated to use
> RPCSEC_GSS or SET_CHANGE:
>
> MIT supports a SET_CHANGE protocol for changing password. In 1.4
> they added support for our RPCSEC_GSS protocol.
>
> It could be that I was mistaken about this which prompted my earlier
> question.
I think there was a src/kadmin/passwd directory that we deleted in 2009
that contained the OV*Secure RPC password-changing client, but it might
not have ever been installed by "make install". I haven't worked out
what release that change would have landed in.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
