[2625] in Kerberos
Re: Solaris 2.1 Kerberos
daemon@ATHENA.MIT.EDU (Jonathan E. Chinitz)
Thu Mar 18 09:52:00 1993
To: eichin@Athena.MIT.EDU
Cc: cwm@lanl.gov, kerberos@Athena.MIT.EDU, jec@uunet.UU.NET
In-Reply-To: <9303180814.AA00205@tsx-11.MIT.EDU>
Date: Thu, 18 Mar 93 08:53:49 -0500
From: "Jonathan E. Chinitz" <isoft!jec@uunet.UU.NET>
On Thu, 18 Mar 93 03:14:53 EST uunet!Athena.MIT.EDU!eichin wrote:
> > Has anyone investigated or is anyone using the Kerberos version
> > that comes with Solaris. I have some questions:
> > 1) What services are Kerberized?
> > 2) Is NFS Kerberized and can it be used with a
> > MIT V4 Kerberos Ticket server?
>
> NFS is the *only* thing that is provided Kerberized in Solaris 2. Both
> mount-time and file-access-time authentication is done, apparently
> using Kerberos V4-based Secure RPC; to my knowledge, Sun has not yet
> released specifications of this, though they suggested a year ago that
> they would. Note that this is completely unrelated to the MIT "uid
> mapping" NFS enhancements.
Mark,
Could you define the difference between "file-access" authentication
and "uid mapping"? I am familiar with the uid mapping performed by the
Athena mountd.
Does the client present an authenticator+ticket to the NFS server
*every time* a file access is attempted?!
-Jonathan
------------------------------------------------------------------------------
Jonathan E. Chinitz Voice: 508-635-9070
IntelliSoft Corp. Fax: 508-635-9210
Distributed Computing Solutions E-mail: uunet!isoft!jec
P.O. Box 2645 jec@isoft.com
Acton, MA 01720
