question about FTP and kerberos
Donn Cave
donn at drizzle.com
Sun Mar 9 23:18:13 EST 2003
Quoth reading-FAQ at verizon.net:
| If I add a user to my W2K Domain controler, and then they log in
| from outside my network, will the ftp files and password be encrypted?
|
| or should I stick to SSH and sftp ?
|
| I think ??? I understand the network authentication part of
| kerberos, but does it also encrypt the password? I think not. help
No, it doesn't encrypt the password, but it doesn't transmit it in
clear text either. Kerberos uses the password as [... stuff that
you have already read about ...] The bottom line is that the password
is not only protected from network sniffing, it's even protected from
the service you're authenticating to.
Kerberos5 (a.k.a. GSSAPI) ftp supports data encryption also, if you
want. But you need a Kerberos ftp, which I guess for Windows means
Kermit or WRQ Reflection, maybe others.
Donn Cave, donn at drizzle.com
More information about the Kerberos
mailing list