[14641] in Kerberos
Re: How to configure a Kerberos 5 Linux client of a Solaris KDC server
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Mon Jul 9 14:34:06 2001
Message-Id: <200107091830.f69IUhn10704@ginger.cmf.nrl.navy.mil>
To: Wyllys Ingersoll <Wyllys.Ingersoll@Eng.Sun.COM>
cc: kerberos@MIT.EDU
In-reply-to: Your message of "Mon, 09 Jul 2001 08:58:48 EDT."
<200107091255.f69CtMU654968@jurassic.eng.sun.com>
Date: Mon, 09 Jul 2001 14:30:42 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
>The admin protocol was never standardized (unfortunately) and SEAM
>diverged from the MIT version to replace OpenVisions RPC-based admin
>protocol with RPCSEC_GSS.
>
>RPCSEC_GSS was key to getting Kerberos protection for NFS with SEAM.
I don't see why you couldn't have use a seperate RPC library for the kadmind
(since we do that now for MIT Kerberos and it works fine).
Yeah, I can understand why you wouldn't want to do that ... I still think
it's unfortunate, because that means you can only rekey and do administration
from Solaris boxes.
--Ken
