From owner-freebsd-security Wed Dec 3 10:46:29 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id KAA02598 for security-outgoing; Wed, 3 Dec 1997 10:46:29 -0800 (PST) (envelope-from owner-freebsd-security) Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id KAA02590 for ; Wed, 3 Dec 1997 10:46:14 -0800 (PST) (envelope-from cy@cschuber.net.gov.bc.ca) Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id HAA00477; Wed, 3 Dec 1997 07:51:43 -0800 (PST) Received: from cschuber.net.gov.bc.ca(142.31.240.113), claiming to be "cwsys.cwsent.com" via SMTP by passer.osg.gov.bc.ca, id smtpdaahEsa; Wed Dec 3 07:51:33 1997 Received: (from uucp@localhost) by cwsys.cwsent.com (8.8.8/8.6.10) id HAA04971; Wed, 3 Dec 1997 07:51:29 -0800 (PST) Message-Id: <199712031551.HAA04971@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpd004965; Wed Dec 3 15:50:40 1997 X-Mailer: exmh version 2.0gamma 1/27/96 Reply-to: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: cy To: Assar Westerlund cc: dima@best.net, mohacsi@fsz.bme.hu (Janos Mohacsi), freebsd-security@freebsd.org Subject: Re: Kerberos 5 or Kerberos IV or DCE? In-reply-to: Your message of "02 Dec 1997 23:05:47 +0100." <5liut7pfic.fsf@assaris.sics.se> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 03 Dec 1997 07:50:40 -0800 Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > dima@best.net (Dima Ruban) writes: > > > Heimdal? I there a working version of DCE for FreeBSD? > > > > Last time I've checked Heimdal - it had too many problems and was _not_ > > compatible with krb5 from MIT. It was about 2 month ago. > > There has been progress. It's not perfect, but it does work under > FreeBSD (my laptop runs FreeBSD, so...). I've had KRB5 beta 6 through 1.0.3 running on FreeBSD for over a year. The only problem is that the Kerberos distribution doesn't perform lastlogin under FreeBSD, because FreeBSD does not have a lastlog.h (the struct is defined in utmp.h). A small patch fixes this. I'll be submitting this to MIT when I get a chance (probably this weekend). Other KRB5 problems are not specific to FreeBSD and are usually fixed by the ANL patches, which usually get rolled into the next release by MIT. A port should be simple to create, however it could not fetch the source into distfiles: This would have to be performed by the sysadmin. Configuration is simple. I use; /configure --with-cc=gcc --with-aname-db=db --with-kdb-db=db --prefix= --with-ccopts=-O The --with-krb4 option is only required if you use a KRB4 client like sudo or popper. > > /assar > Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 UNIX Support OV/VM: BCSC02(CSCHUBER) ITSD BITNET: CSCHUBER@BCSC02.BITNET Government of BC Internet: cschuber@uumail.gov.bc.ca Cy.Schubert@gems8.gov.bc.ca "Quit spooling around, JES do it."