Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!apple!usc!julius.cs.uiuc.edu!ux1.cso.uiuc.edu!news.iastate.edu!IASTATE.EDU!john
From: john@IASTATE.EDU (Hascall John Paul)
Newsgroups: comp.protocols.kerberos
Subject: Re: Kerberized clients and servers
Message-ID: <1991Jan29.130053@IASTATE.EDU>
Date: 29 Jan 91 19:00:53 GMT
References: <1991Jan22.181236.19585@eng.ufl.edu> <1991Jan23.054126.22458@news.iastate.edu>
Sender: news@news.iastate.edu (USENET News System)
Reply-To: john@IASTATE.EDU (Hascall John Paul)
Organization: Iowa State University
Lines: 49

In article <1991Jan23.054126.22458@news.iastate.edu>, john@iastate.edu (Hascall John Paul) writes:
> In article <1991Jan22.181236.19585@eng.ufl.edu> pak@heifer.eng.ufl.edu (Philip A. Kufeldt) writes:
> }Can I get any help with regards to the existence or non-existence of
> } various kerberized bsd clients and servers.  For example, is there a
> } kerberos version of ftp, ftpd, telnet, telnetd, rexecd, etc....

>   would be an interesting idea...  I have modified our ftp[d] to
>   do appropriate kerberos/hesiod/attach things, but it is based on
>   Ultrix source so I can't really send the source to you (I could
>   send my additions if you also have source of some sort).

I have received several requests for these, so when things calm
down here a little I will post a message indicating that they%
can be had by anonymous ftp from iastate.edu (129.186.254.151) --
at the *very* worst it will be the end of Feb. when "export release 1"
of our project is to be made available.

For those contemplating striking out on their own early, I used
two new "X" commands (wouldn't compatibility be nice?):

      XKAD xxxxxx CRLF      (the rcmd authenticator hexified)
      XKPW yyyyyy CRLF      (password as mk_priv hexified)

Q: Is there a way to get a tgt without passing the password?
   I am guessing there isn't.  I assume that this will be possible
   under V5 of the protocol?

I am also working on passing similar data in a telnet option, I have
been using telnet option 40 (if this goes any further an official
option number should be requested/assigned).  Something like:

      telnet sends                              telnetd sends

      IAC WILL AUTH                             IAC DO AUTH
      IAC SB AUTH xxxxxx SPACE yyyyyy IAC SE

John

% I am still trying to determine if the Ultrix source is any different
  from the vanilla BSD source -- so you may get the whole thing or you
  may get diffs.

--
John Hascall                        An ill-chosen word is the fool's messenger.
Project Vincent
Iowa State University Computation Center                       john@iastate.edu
Ames, IA  50011                                                  (515) 294-9551
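
An added example, not part of the original post and not Project Vincent's code: a strict encoder and parser for the two framings the post describes, the hexified `XKAD`/`XKPW` FTP lines and the `IAC SB AUTH xxxxxx SPACE yyyyyy IAC SE` telnet subnegotiation. The function names, the field-size cap and the acceptance of either hex case are assumptions; option 40 is the unofficial number the post mentions, and the payload bytes are constructed samples.

```python
import binascii

IAC, SB, SE = 255, 250, 240   # standard telnet command bytes
AUTH = 40                     # option number the post says it used (unofficial)
MAX_HEX = 4096                # assumed cap on one hexified field, not from the post

def unhexify(field: bytes) -> bytes:
    """Decode one hexified field, rejecting anything that is not clean hex."""
    if not field or len(field) > MAX_HEX or len(field) % 2:
        raise ValueError("bad field length")
    try:
        return binascii.unhexlify(field)
    except binascii.Error as exc:
        raise ValueError("non-hex byte in field") from exc

def build_ftp_command(verb: str, payload: bytes) -> bytes:
    return verb.encode("ascii") + b" " + binascii.hexlify(payload) + b"\r\n"

def parse_ftp_command(line: bytes):
    """Return (verb, payload) for one XKAD or XKPW line ending in CRLF."""
    if not line.endswith(b"\r\n"):
        raise ValueError("missing CRLF")
    verb, sep, field = line[:-2].partition(b" ")
    if verb not in (b"XKAD", b"XKPW") or not sep:
        raise ValueError("unexpected command")
    return verb.decode("ascii"), unhexify(field)

def build_telnet_sb(authenticator: bytes, password: bytes) -> bytes:
    # Hex digits never contain 0xFF, so the body needs no IAC doubling.
    body = binascii.hexlify(authenticator) + b" " + binascii.hexlify(password)
    return bytes([IAC, SB, AUTH]) + body + bytes([IAC, SE])

def parse_telnet_sb(frame: bytes):
    """Return (authenticator, password) from IAC SB AUTH ... IAC SE."""
    if frame[:3] != bytes([IAC, SB, AUTH]) or frame[-2:] != bytes([IAC, SE]):
        raise ValueError("not an AUTH subnegotiation")
    fields = frame[3:-2].split(b" ")
    if len(fields) != 2:
        raise ValueError("expected exactly two fields")
    return unhexify(fields[0]), unhexify(fields[1])

if __name__ == "__main__":
    # Constructed sample blobs standing in for the authenticator and mk_priv output.
    frame = build_telnet_sb(b"\x04\xff\x00A", b"\xff\xf0demo")
    print(frame, parse_telnet_sb(frame))
    print(parse_ftp_command(build_ftp_command("XKAD", b"\x04\xff\x00A")))
```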