Date: Tue, 17 Aug 1999 19:39:23 -0400 (EDT) From: "Matthew N. Dodd" <winter@jurai.net> To: Kris Kennaway <kris@hub.freebsd.org> Cc: Mark Murray <mark@grondar.za>, freebsd-hackers@FreeBSD.ORG Subject: Re: Kerberos 5 integration. Message-ID: <Pine.BSF.4.10.9908171937410.4840-100000@sasami.jurai.net> In-Reply-To: <Pine.BSF.4.10.9908171631090.97758-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 Aug 1999, Kris Kennaway wrote: > > Which is the problem if you're say, using ftp to a remote system right? > > In the non-PAM world, how would the ticket get from the client to the FTP > server? Some kind of subchannel? With FTP, one uses GSSAPI. With telnet/rlogin/rsh authentication is negotiated in such a way that it is possible for the client to say "Hey, we want to give you a kerberos ticket to authenticate ourselves." The server replies with something like "Sure, let me have it." or "Kerberos?", or "Yea, but only if you promise to give me a Kerberos 5 ticket." or smething like that. -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9908171937410.4840-100000>