[3690] in Kerberos
Re: S/KEY integrated with Kerberos?
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Wed Aug 10 16:19:58 1994
To: kerberos@MIT.EDU
Date: 10 Aug 1994 20:00:36 GMT
From: marc@cam.ov.com (Marc Horowitz)
>> I don't see how that's any different from, or better than, the way the Annex
>> now just accesses a Unix password file. Ick, ick, ick.
It's better for us because I don't have to manage two password
databases, and our users don't have to deal with two passwords.
(Actually, that's not entirely true. Some users want a separate
password for the terminal server, so I create a new kerberos instance
for the user which is used by the annex software and nothing else.)
Since kerberos has network administration tools, this also means I get
network administration of my annex password for free.
>> Because it means they don't have to write any new code to handle
>> caching tickets anywhere special and the like. Not a big deal, but
>> since I was assuming they already had the protocol parts of the
>> library ported, it seemed to be most of what was left, no?
Oh, I see. Well, I suppose now it means they have a place to store
the ticket cache, but no software to create or use one :-)
Marc
