Gervis Franhousen wrote:
Hi, I'm a long time reader of the slug lists, although I've never been
game enough to post, until now that is.
<quote who="O Plameras">
> The point here is having a connection ( established through kerberised
> telnet), and once that connection is established, the messages exchanged
> between the two computers are encrypted.
This is absolutely true for ssh,
1. True, when ssh from Computer A to Computer B.
2. Not true, when ssh from Computer A to Computer B and then ssh to
Computer C.
And then beyond.
3. This problem in 2. is exactly the problem that Kerberised telnet
fixes. In fact, Kerberos
fixed this problem for ssh when hopping (telnetting) from one computer
to any number
of other computers.
So, Jeff is the one making WRONG advise.
and *optionally* true for many kerberised
telnet implementations. It is not a property of kerberos itself *at all*.
Kerberos provides AAA support only.
Jeff says Kerberos provides AAA support only. This is wrong again.
Kerberos provides AA, services amongst others, NOT an additional A.
It also provides a host of services like telnet, rcp, etc. that are
kerberised.
Another wrong advise.
He is probably thinking of Radius which is entirely a different type of
authentication package.
> I do now believe you do not know what Kerberos is, what it does, what it
> can do, and why people love it.
Oscar, you're better off listening and learning that biting the hand that
feeds you.
So, Jeff, you should be listening to me.
O Plameras
_______________________________________________
coders mailing list
coders@slug.org.au
http://lists.slug.org.au/listinfo/coders
