From owner-freebsd-hackers Tue Aug 17 10:33:55 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133]) by hub.freebsd.org (Postfix) with ESMTP id 370121571B for ; Tue, 17 Aug 1999 10:33:46 -0700 (PDT) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id TAA41154; Tue, 17 Aug 1999 19:30:57 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <199908171730.TAA41154@gratis.grondar.za> To: "Matthew N. Dodd" Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Kerberos 5 integration. Date: Tue, 17 Aug 1999 19:30:56 +0200 From: Mark Murray Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > What do you think about moving all the current '#ifdef KERBEROS' to > '#ifdef KERBEROS4' and starting to integrate the '#ifdef KERBEROS5' bits > in ftp, telnet, rsh, rlogin etc? I don't see a reason to rip out the krb4 > stuff and delay on the krb5 userland integration. Since the userland > stuff doesn't involve actual crypto code I think we're pretty safe no? I have a better idea; PAM-ify everything (that can be pammed). The rest of the stuff, I intend to do as you say. > I'd also be interested in hearing reasons for or against putting the krb4 > specific stuff (kinit, klist whatever) in /usr/krb4, and the krb5 bits in > /usr/krb5. This would simplify the task of leaving krb4 in the tree. Hmm. Methinks I might name the version-specific stuff k[45]${FOO} for FOO in init, list, destroy, etc. Telnetd and FTPD should be PAMmable, likewise the r.*d's. The userland ftp and telnets can have both (Isuspect), and the r-utils also. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message