On Tue, Apr 30, 2002 at 10:56:33PM -0500, Bob Tanner wrote: > Anyways, with openssh, ssl, generic TLS stuff. Is kerberos necessary > still? Although Kerberos may be old tech, it's not dead tech. If it were, The Collective, [read Micro$oft], would not have "embraced and extended" it. It may no longer be the defacto standard, as a result of the software you listed above, but it is still a powerful security model. Because Kerberos /is/ used in the Win2k and WinXP network model, and because there are plenty of people on campus who still use these operating systems, it becomes necessary to integrate once again. There has been some chatter about different departments setting up their own Kerberos schema, but that's about as far as it gets. We all have more pressing projects to attend, and Kerberos always seems to find its way to the back-burner. Why? It's much easier to set up an sshd daemon than it is to set up a Kerberos network. ;-) Frankly, I would love to do other things to enhance security before incorporating Kerberos. i.e. NFS over TCP+ssl, etc. -- Chad Walstrom <chewie at wookimus.net> | a.k.a. ^chewie http://www.wookimus.net/ | s.k.a. gunnarr -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020501/96786cd6/attachment.pgp