Its time to check the CERT archives. There was one out earlier this
year that a poor random number generator seed value made the keys
generated for encrypted kerberized (telnet, others?) sessions easier
to crack then it should be. If I remember correctly, this only
affected Kerberos 4 implementations, and is already fixed in Kerberos 5.
Check with your O.S. provider for possible fixes
Personal Opinions provided by
aka leonard @
GEMINI COMPUTERS INC
On Thu, 7 Nov 1996, Todd Graham Lewis wrote:
> On Thu, 7 Nov 1996, Tony Iannotti wrote:
> > On Thu, 7 Nov 1996, Craig Brozefsky wrote:
> > > On Wed, 6 Nov 1996, Tony Iannotti wrote:
> > >
> > > > I thought kerberos only did authentication, not session encryption?
> > >
> > > It's broken tho.
> > The encryption or authentication part? How so? Pointers welcome if this is
> > a faq.
> I, too, am curious. We have encrypting kerberized applications all over
> the place, all from the latest distribution. Which part, indeed, is broken?
> Todd Graham Lewis Linux! Core Engineering
> Mindspring Enterprises tlewis @
com (800) 719 4664, x2804
Re: POP3 proxy
From: Todd Graham Lewis <lists @