Date: Thu, 3 Dec 1998 17:27:46 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: Dima Ruban <dima@best.net> Cc: lyndon@execmail.com, woodford@cc181716-a.hwrd1.md.home.com, security@FreeBSD.ORG Subject: Re: mail.local Message-ID: <Pine.BSF.3.96.981203172323.14719A-100000@fledge.watson.org> In-Reply-To: <199812032059.MAA07104@burka.rdy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 3 Dec 1998, Dima Ruban wrote: > Robert Watson writes: > > Kerberos is easy -- it's finding clients that support KerberosIV under > > UNIX that's hard. That is, I have yet to find a copy of the Pine 3.9x > > Kerberos IV patches that compile cleanly under FreeBSD, and I don't have > > time to write them myself. What I should really do is upgrade to K5 > > (which has native support under more recent versions of Pine), but I don't > > believe that the CMU Cyrus server supports K5, only K4. I would have > > migrated all of the users of my system to the cyrus server long ago if > > pine 3.9x didn't keep asking for passwords and sending them in the clear > > text to my cyrus server. :) > > If you use kerberos, I'd really suggest you on moving to K5. > Much nicer and much more flexible in administration. I would certainly like to move to K5, but that's not an insignificant amount of trouble in terms of transitioning. Speaking of KerberosV, is it likely that FreeBSD will shift to shipping K4 instead of K5 by default at some point? K4 is the most common in all the environments I regularly use (here at CMU anyway) but K5 certainly has advantages (including, I believe, better support for multihomed hosts in the form of not using the IP in tickets/authenticators?) I would guess that the transition would be easier now that we have PAM? Robert N Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ SafePort Network Services http://www.safeport.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981203172323.14719A-100000>