Re: [Sheflug] AccessSpace NIS (lots of Q's)

[Will Newton <nospam [at] misconception.org.uk>]

On Wed, 4 Apr 2001, Barrie Bremner wrote:

> As Alex said, Kerberos is another authentication protocol, developed
> (and widely used) at MIT.
> Kerberos requires Kerberized network applications (i.e. ssh, ktelnet, kftp)
> and servers to issue tickets and authenticate users.
> RedHat 7.0 ships with Kerberos RPMs on the disk - you'd just need to
> figure out how to use the system.

Remember to check the errata. AFAIK there is at least one krb5 update.

> Depending on what you are trying to achieve, Kerberos might be an option.

If you only have two machines then there is no point. kerberos is
a trusted third party protocol - i.e. you need to have a trusted
authentication server, to authenticate any two other machines. If you run
the authentication server on one of the machines trying to authenticate
you kind of defeat the whole thing. It wil still work, but be no more
secure than two-way authentication mechanisms like that used by ssh.

kerberos works best if you have a lot of machines needing authentication
services.


---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.