From owner-freebsd-current  Tue Mar 12 09:03:11 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id JAA28872
          for current-outgoing; Tue, 12 Mar 1996 09:03:11 -0800 (PST)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id JAA28861
          for <freebsd-current@freebsd.org>; Tue, 12 Mar 1996 09:02:58 -0800 (PST)
Received: from grumble.grondar.za (mark@localhost [127.0.0.1]) by grumble.grondar.za (8.7.4/8.7.3) with ESMTP id TAA13307; Tue, 12 Mar 1996 19:01:34 +0200 (SAT)
Message-Id: <199603121701.TAA13307@grumble.grondar.za>
To: "Garrett A. Wollman" <wollman@lcs.mit.edu>
cc: freebsd-current@freebsd.org
Subject: Re: HEADS UP! Please check... 
Date: Tue, 12 Mar 1996 19:01:32 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

"Garrett A. Wollman" wrote:
> Many sites may not want to use the Kerberized `su' for private reasons
> of their own.  `su' should take the non-existence of ~root/.klogin as an
> indication of this and go back to UNIX / S/Key authentication.  (Just
> as one example, a site may want to force everyone to use S/Key for
> `su', since they can't trust the network connection over which a user
> is logged in.)

This is reasonable. In fact this is the way it is now. :-)

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key