[7661] in Kerberos
Re: Client Software
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Jul 22 21:29:27 1996
To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Cc: Adam Kaupisch <kaupisch@ucsu.Colorado.EDU>, kerberos@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 22 Jul 1996 21:21:17 -0400
In-Reply-To: Ken Hornstein's message of Thu, 18 Jul 1996 15:00:58 -0400
>>>>> "Ken" == Ken Hornstein <kenh@cmf.nrl.navy.mil> writes:
>> Ok, I am wanting to do this on Kerberos v5 b6. I want to piggy
>> back the kerberos ticket in with our own data transportation.
>> What needs to be transmited and how is it obtained? And also,
>> how would it be verified at the other end? Any help would be
>> appreciated.
Ken> A good starting point would be the telnet source code
Ken> (although it is admittedly icky). It does all of that stuff
Ken> already. Your other choice is to figure out what
Ken> krb5_sendauth() and krb5_recvauth() do, and just duplicate
Ken> it.
This is not quite sufficient. You should also use some
mechanism to attach a checksum to the data you send, or encrypt the
data; the sample applications in appl/sample demonstrate this. The
GSSAPI interface may be more convenient.
--Sam
Ken> --Ken
