[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: suggestion: move krb5 daemons to krb5-daemons subpackage

sopwith redhat com (Elliot Lee) writes:

> kshd/klogind are fully encrypted if set up correctly. They're also a
> lot faster than ssh.

Setting up krb5 correctly without virtualization technology (e.g. vserver)
or much money for extra hardware and powersupply is nearly impossible...
Else, you will have only trouble with hostname vs. DNS name conflicts
and/or multi-homed hosts.

The shipped KRB5 implementation misses features like replication or support
for renaming of principals; and the rest of the system misses krb5 support
completely (cups, w3m, svn), nobody cares about it (e.g. no SPNEGO support
in firefox because missing buildrequires) or its implementation is not
well-thought (e.g. login for local accounts fails when network is down).

ssh is much easier to use and provides neat features like encryption of
X11 connections.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]