Date: Wed, 20 Jan 1999 22:44:44 +1100 From: jonathan michaels <jon@caamora.com.au> To: freebsd-questions@FreeBSD.ORG Subject: Re: Kerberos info Message-ID: <19990120224444.A6919@caamora.com.au> In-Reply-To: <Pine.BSF.4.05.9901191655280.2274-100000@s8-37-26.student.washington.edu>; from Jason C. Wells on Tue, Jan 19, 1999 at 04:58:59PM -0800 References: <Pine.LNX.3.95.990120102040.12072A-100000@nhj.nlc.net.au> <Pine.BSF.4.05.9901191655280.2274-100000@s8-37-26.student.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 19, 1999 at 04:58:59PM -0800, Jason C. Wells wrote: > On Wed, 20 Jan 1999, John Saunders wrote: > > >I'm after some very basic kerberos info. I'm not after install > >instructions (yet). I am after some info like "what is kerberos" and "what > >does it give me that is worth the effort to configure it". > > Kerberos is an authentication system. It is worth configure because it > keeps your password encrypted during transmission. jason, i have a few machines at home in my now all freebsd network, i only have a personal link tot he internetworking community beyound my freebsd router. do you think it would be worth my while to run kerberos as well ? i have a few people loging in to do work on thier own webpages, and the rest are just webpage browsers .. not to amny as the pages that are here are very raw and suffering from builder notknowing what to do next. > >I hear it's an authentication system, what is wrong with /etc/passwd? > > Password authentication done the normal way requires your password to be > sent "cleartext" to the authenticating host. Anyone listening can grab > your password. wouldn't ssh solve a lot of those probelms .. or is ssh differnt to the way kerberos does teh passwd encoding ? > > >Why not use NIS (yellow pages)? > > I don't know why but I have this blue O'Reilly book that says NIS is a > serious security problem for networks that are connected to public > networks. not knowing either, but surmising that nis (yp) was built at a time when the internetworking community was a knder place were people sorta knew each other and definately trusted each other .. unlike now were all sorts of jerks can get on and reap largscale havoc .. just for 'fun', thi si how i see it as happening .. yes ? > If you are interested in securing your system you should also investigate > 'ssh'. hwo could/would you integrate ssh and kerberos into a security concious frontend for ones freebsd system ? regards and thank you jonathan -- =============================================================================== Jonathan Michaels PO Box 144, Rosebery, NSW 1445 Australia ===========================================================<jon@caamora.com.au> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990120224444.A6919>