Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!wuarchive!udel!haven!mimsy!mojo!news
From: nero@eng.umd.edu (Oren L. Stern)
Newsgroups: comp.protocols.kerberos
Subject: Questions about ksu
Message-ID: <1990Dec15.173149.23150@eng.umd.edu>
Date: 15 Dec 90 17:31:49 GMT
Sender: news@eng.umd.edu (C-News)
Organization: College of Engineering, Maryversity of Uniland, College Park
Lines: 16

Someone please correct me on ksu...

If you rlogin to a machine and then ksu, you are typing the password in the
clear over the network.  I'm told that the way around this is to ksu and
then rlogin.  However, to do this, you need to set up your pty's as secure
in /etc/ttytab.  I'm also told that this isn't the most secure way to set
up your system.  Is there no alternative, or have I just got my system
misconfigured?

Also, a question about the design of ksu.  Is there any reason that it doesn't
fork off a process to do a kdestroy when you leave the shell like login.krb
does?  Everyone here is having the hardest time remembering to kdestroy...

--
Oren Stern (nero@eng.umd.edu)	| "A boy without mischief is like a bowling ball
UUCP:  uunet!eng.umd.edu!nero  	|  without a liquid center" -- Homer Simpson