Issues with rsh and kerberos
inode0
inode0 at gmail.com
Sat Feb 5 14:08:36 UTC 2005
On Fri, 04 Feb 2005 10:02:48 -0800, Rick Stevens
<rstevens at vitalstream.com> wrote:
>
> Can you use both? Certainly! Should you? It depends on what you're
> trying to accomplish. It's very useful for single-point authentication
> on a server farm, for instance. The downside is that Kerberos doesn't
> provide encryption (many people mistakenly think it does). All
> conversations between the systems using stuff such as rsh, rlogin, etc.
> remain in plaintext, so the network still must be pretty secure.
Kerberos can provide encryption for these services. Typically
kerberos clients like rsh, rlogin, and telnet have a -x switch to turn
on encryption of the data stream. The service you are connecting to
needs to support this as well for it to work though.
John
More information about the Redhat-install-list
mailing list