[4195] in Kerberos
Re: Kerberos w/ one-time passwords?
daemon@ATHENA.MIT.EDU (Josh Osborne)
Tue Nov 15 15:04:22 1994
From: stripes@uunet.uu.net (Josh Osborne)
To: mellon@ipd.wellsfargo.com (Ted Lemon)
Date: Tue, 15 Nov 1994 14:09:21 -0500 (EST)
Cc: jgs@yurt.merit.edu, kerberos@MIT.EDU
In-Reply-To: <199411151725.JAA25464@rurapenthe.ipd.wellsfargo.com> from "Ted Lemon" at Nov 15, 94 09:25:53 am
[...]
>Why not just run kinit on the terminal server? At least one vendor
>has publicly stated on the Kerberos mailing list that they are working
>on a K5 implementation. This doesn't protect you from eavesdropping
>on the phone line, of course - if that's important to you, you should
>run SLIP or PPP and throw out the VT100. It seems to me that this
>would be cheaper than implementing the software to provide the
>functionality that you're looking for - a Kerberos-capable PC with PPP
>software would run you ~$1000 in quantity.
Well, lets go with a diffrent situation. I am about to leave town, and
have aranged access to a terminal room, but either they don't run
Kerberos, or I don't trust the Kerberos instalation. So I want to use
S/Keys to get back to my office, and will be careful not to look at
anything too secret, or to _ever_ type a real password.
This type of situation happens frequently when people travel to
confrances, or back home from school. In both cases moving a full sized
PC could be difficult, or impossabble, and Kerberos-capable *portable*
PC's are fairly costly, and frequently not as nice to look at as your
avrage VT102, let alone X-Terminal, or workstation.
