On Fri, 8 Nov 1996, Craig Brozefsky wrote:
> deslogin is pretty good to, and unlike S/Key or SSH, I know of noone who
> has found methods to attack it succesfully.
Cool; I'll look into it.
> Make sure you are using Kerb5 at least, although reportedly there are
> exploits for Kerb5. Kerb4 should be considered broken IMO.
Definitely. If you use kerberos, be sure to get the latest beta of
version 5 from MIT. Most vendors' stock versions are still v4 (groan),
not that we'd run vendor versions of important software anyway. (Anyone
out there running stock sendmail on a solaris box? 8^)
> What context would you be using it in?
What context would you be asking that question in? 8^)
Same as ssh; secure access to server and other machines, with all the
bells and whistles that kerberos gives you.
Todd Graham Lewis Linux! Core Engineering
Mindspring Enterprises tlewis @
com (800) 719 4664, x2804