home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.19980901-19981211
/
000151_news@newsmaster….columbia.edu _Thu Oct 15 12:24:17 1998.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
3KB
Return-Path: <news@newsmaster.cc.columbia.edu>
Received: from newsmaster.cc.columbia.edu (newsmaster.cc.columbia.edu [128.59.35.30])
by watsun.cc.columbia.edu (8.8.5/8.8.5) with ESMTP id MAA10269
for <kermit.misc@watsun.cc.columbia.edu>; Thu, 15 Oct 1998 12:24:12 -0400 (EDT)
Received: (from news@localhost)
by newsmaster.cc.columbia.edu (8.8.5/8.8.5) id MAA26058
for kermit.misc@watsun; Thu, 15 Oct 1998 12:24:12 -0400 (EDT)
Path: news.columbia.edu!newsfeed.nyu.edu!news.maxwell.syr.edu!btnet-peer!btnet!news-lond.gip.net!news.gsl.net!gip.net!baron.netcom.net.uk!netcom.net.uk!server3.netnews.ja.net!news.ox.ac.uk!not-for-mail
From: Neil Long <neil.long@computing-services.oxford.ac.uk>
Newsgroups: comp.protocols.kermit.misc
Subject: K95 && KRB5 without encryption??
Date: 15 Oct 1998 15:45:45 GMT
Organization: Computing Services, University of Oxford
Lines: 36
Message-ID: <7055b9$jst$1@news.ox.ac.uk>
NNTP-Posting-Host: ratbert.oucs.ox.ac.uk
X-Trace: news.ox.ac.uk 908466345 20381 163.1.14.71 (15 Oct 1998 15:45:45 GMT)
X-Complaints-To: newsmaster@ox.ac.uk
NNTP-Posting-Date: 15 Oct 1998 15:45:45 GMT
X-Newsreader: NN version 6.5.0 CURRENT #116
Xref: news.columbia.edu comp.protocols.kermit.misc:9344
Hello
K95 ver 1.1.17 has 'support' for Kerberos but what is not clear to me is
whether the export version would enable authentication (and therefore no
clear text passwords!) without encrypted sessions. The former being OK
but the latter falling under ITAR.
There are various Kerberos packages available (legally) outside the US/Canada
so getting a K4 or K5 server/realm setup is not a problem but good PC apps
which could radically reduce the impact of network sniffers are few and
far between.
When I try 1.1.17 and 'auth krb5 init {principal}
I get
?Kerberos is not installed
but 'check kerberos' gives
kerberos available
It would be a Good Thing if K95 would enable kerberised authentication even
if sessions are not encrypted, after all SSH is widely used and even SRP can be
implemented with a bolt-on crypto library.
On the other hand, maybe I am missing something obvious. I did create KRB.CON and
KRBREALM.CON files - which seem KRB4-ish in syntax, is there a difference for
KRB5??
Thanks
Neil
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Dr Neil J Long, Computing Services, University of Oxford
* Banbury Road, Oxford, OX2 6NN, UK
* Tel: +44 1865 273232 Fax: +44 1865 273275
* EMail: Neil.Long@computing-services.oxford.ac.uk