On Fri, May 31, 2002 at 06:25:14PM -0700, John Rudd wrote: > [EMAIL PROTECTED] wrote: > > > > Now. Sun has an implementation of all of that based on MIT krb5 code, though you >can't simply take MIT krb5 and plug it in - you must use Sun's code. > > > What exactly do you mean here? What do you mean by "you must use sun's > code"? > > I have MIT krb5 installed on my solaris 8 hosts, and I also have Sun's > krb5 installed on them. I use them together freely (with 2 MIT KDC's). > My popper and kpopper were compiled against MIT, and my popper uses > Sun's PAM module for KRB5 passwords authentication. I have > /etc/krb5/krb5.conf symlinked to /etc/krb5.conf, etc. Everything works > together just fine (I can MIT kinit and then Sun klist, etc.). > > Where are these things not interchangable, and what code of Sun's must I > use for Secure NFS?
Solaris Secure NFS uses a kernel module that handles some of the Kerberos protocol. There's also a gssd daemon in user space that interacts with the Solaris Kerberos mech lib on behalf of NFS. It would be difficult to replace Solaris Kerberos with MIT Kerberos and still have Secure NFS function properly. Why do you want to replace the Solaris Kerberos? -- Will Fiveash Sun Microsystems Inc. Austin, TX, USA (TZ=CST6CDT) ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
