Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!snorkelwacker.mit.edu!stanford.edu!ATHENA.MIT.EDU!qjb
From: qjb@ATHENA.MIT.EDU
Newsgroups: comp.protocols.kerberos
Subject: Re: setup of kerberos
Message-ID: <9104071744.AA22137@soup.MIT.EDU>
Date: 7 Apr 91 17:44:19 GMT
Sender: news@shelby.stanford.edu (USENET News System)
Organization: Internet-USENET Gateway at Stanford University
Lines: 15


> not automatically follow you.  In order to get tickets on host B, you
> will either need to kinit after you rlogin (which has the drawback that
> your password goes accross the network in the clear), or you need to use
> a client called rkinit before you use rlogin.  rkinit securely obtains
> and transports over to host B tickets which can be used for host B.
> Both using kinit and rkinit require that you type your password over
> again, but that's the price you pay for security.

It should also be mentioned that you can use rlogin -x and then
kinit.  If you use the encrypted rlogin, you still have to type
your password over again, and it still goes over the network,
but at least it goes over encrypted instead of in the clear.

                                - Jay Berkenbilt