[4241] in Kerberos
Re: remote kpasswd
daemon@ATHENA.MIT.EDU (Derek Atkins)
Tue Nov 22 21:17:36 1994
Date: Tue, 22 Nov 1994 20:54:56 -0500
From: Derek Atkins <warlord@MIT.EDU>
To: brian@nothing.ucsd.edu (Brian Kantor)
Cc: hobbit@asylum.sf.ca.us, mcguire@rocinante.digex.net, kerberos@MIT.EDU
In-Reply-To: "[4239] in Kerberos"
> The real solution is to get kinit and kpasswd into the terminal server
> itself.
Actually, the real solution is to get kerberos into the client
computer -- the machine where your fingers are typing at the keyboard.
That is where kerberos belongs!
It doesn't even have to have IP connectivity, all it needs is enough
CPU to run DES and do a little data formatting. If you have this,
then you have enough to move kerberos into the client.
In fact, this was my Bachelor's Thesis, "Charon: Kerberos Extensions
for Authentication Over Secondary Networks". You can get the paper
via anonymous ftp:
ftp://toxicwaste.mit.edu/pub/charon/thesis.ps.Z
The code has not, yet, been made publically available, although if
there are DOS or Mac developers out there that would like to help me
by porting to those platforms, I would be willing to let the code out
early for that purpose.
-derek
Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
Home page: http://www.mit.edu:8001/people/warlord/home_page.html
warlord@MIT.EDU PP-ASEL N1NWH PGP key available
