home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20010306-20010921
/
000017_news@columbia.edu _Mon Mar 12 09:21:20 2001.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
3KB
Return-Path: <news@columbia.edu>
Received: from newsmaster.cc.columbia.edu (newsmaster.cc.columbia.edu [128.59.59.30])
by fozimane.cc.columbia.edu (8.9.3/8.9.3) with ESMTP id JAA29733
for <kermit.misc@cpunix.cc.columbia.edu>; Mon, 12 Mar 2001 09:21:20 -0500 (EST)
Received: (from news@localhost)
by newsmaster.cc.columbia.edu (8.9.3/8.9.3) id IAA05692
for kermit.misc@watsun.cc.columbia.edu; Mon, 12 Mar 2001 08:54:37 -0500 (EST)
X-Authentication-Warning: newsmaster.cc.columbia.edu: news set sender to <news> using -f
From: jaltman@columbia.edu (Jeffrey Altman)
Subject: Re: secure ftp batch binaries/scripts
Date: 12 Mar 2001 13:54:37 GMT
Organization: Columbia University
Message-ID: <98iket$5hq$1@newsmaster.cc.columbia.edu>
To: kermit.misc@columbia.edu
In article <98ij02$g68$1@yin.interaccess.com>,
Kenny McCormack <gazelle@interaccess.com> wrote:
: >All of the issues with /dev/random, export issues, patents are the same.
: >You can't avoid them regardless of which security protocols you want to use.
:
: OK - thanks for the honest answer. I guess it is still too complicated to
: deal with. But I will check it out (the Kermit web page and stuff related
: to this), anwyay.
I'm not sure I understand what is so complicated to deal with?
Most operating systems shipped in the last few years contain some form of
random data source. If the one you are using does not, then installing one
is not too difficult.
As for the other items on your list, unless you are planning on embedding the
protocol into a closed source commercial application they should not have an
impact on you.
As for getting pre-built binaries. It is crucial when using Unix to build binaries
on your machine. Only this way will you be sure that the binaries where built to
use the libraries that you have installed on your system and how you have your
system configured. One item that needs to be known is the type of password files
that you are using? Are you using Shadow Password files or EPS? Are you using PAM?
Which security systems do you have installed on your machine?
OpenSSL
MIT Kerberos 4
MIT Kerberos 5
MIT Kerberos 5 with Kerberos 4 compatibility
Heimdal Kerberos
Secure Remote Password
Which version of each of these libraries?
Distributing and supporting pre-built packages is difficult. But building a
binary on an individual system is not.
Jeffrey Altman * Sr.Software Designer C-Kermit 7.1 Alpha available
The Kermit Project @ Columbia University includes Secure Telnet and FTP
http://www.kermit-project.org/ using Kerberos, SRP, and
kermit-support@kermit-project.org OpenSSL. SSH soon to follow.