[14642] in Kerberos
RE: How to configure a Kerberos 5 Linux client of a Solaris KDC s
daemon@ATHENA.MIT.EDU (Mayers, Philip J)
Mon Jul 9 15:50:39 2001
Message-ID: <A0F836836670D41183A800508BAF190B35E7FC@icex1.cc.ic.ac.uk>
From: "Mayers, Philip J" <p.mayers@ic.ac.uk>
To: "'Ken Hornstein'" <kenh@cmf.nrl.navy.mil>
Cc: kerberos@mit.edu
Date: Mon, 9 Jul 2001 20:47:00 +0100
MIME-Version: 1.0
Content-Type: text/plain
...Which the cynical amongst us might assume is the reason ;o)
Regards,
Phil
+----------------------------------+
| Phil Mayers, Network Support |
| Centre for Computing Services |
| Imperial College |
+----------------------------------+
-----Original Message-----
From: Ken Hornstein [mailto:kenh@cmf.nrl.navy.mil]
Sent: 09 July 2001 19:31
To: Wyllys Ingersoll
Cc: kerberos@MIT.EDU
Subject: Re: How to configure a Kerberos 5 Linux client of a Solaris KDC
server
>The admin protocol was never standardized (unfortunately) and SEAM
>diverged from the MIT version to replace OpenVisions RPC-based admin
>protocol with RPCSEC_GSS.
>
>RPCSEC_GSS was key to getting Kerberos protection for NFS with SEAM.
I don't see why you couldn't have use a seperate RPC library for the kadmind
(since we do that now for MIT Kerberos and it works fine).
Yeah, I can understand why you wouldn't want to do that ... I still think
it's unfortunate, because that means you can only rekey and do
administration
from Solaris boxes.
--Ken
