On Tue, 17 Aug 1999, Kris Kennaway wrote: > > Which is the problem if you're say, using ftp to a remote system right? > > In the non-PAM world, how would the ticket get from the client to the FTP > server? Some kind of subchannel?
With FTP, one uses GSSAPI. With telnet/rlogin/rsh authentication is negotiated in such a way that it is possible for the client to say "Hey, we want to give you a kerberos ticket to authenticate ourselves." The server replies with something like "Sure, let me have it." or "Kerberos?", or "Yea, but only if you promise to give me a Kerberos 5 ticket." or smething like that. -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | [email protected] | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | To Unsubscribe: send mail to [email protected] with "unsubscribe freebsd-hackers" in the body of the message
