Kerberos ftp questions

Jim Barlow jbarlow at ncsa.uiuc.edu
Tue Jan 7 15:20:56 EST 2003


With a recent upgrade to 1.2.7 at our site I have discovered that some
users had a kerberos ftp daemon running that was accepting cleartext
passwords (evidently they are using Dreamweaver for web authoring).
It appears that when using password auth with the new fptd it is not
writing out the credentials cache file krb5cc_...  Whereas if I pass
a ticket it does write out the file.  Is this the normal behavior?
Is there something I can configure to write out the credentials file?
(We need this because we use AFS and I need access to the credentials
for aklog to work).

Alternately, does anyone know anything about the kftp windows kerberos proxy
(where I can get it)?  I noticed that University of Washington and Penn State 
both use it for Dreamweaver users to somehow set up a local kerberos ftp proxy
on their machine that DW can use.  Anyone from UW or PSU out there?

Thanks.


-- 
James J. Barlow   <jbarlow at ncsa.uiuc.edu>
Senior System/Security Engineer
National Center for Supercomputing Applications    Voice : (217)244-6403
605 East Springfield Avenue   Champaign, IL 61820   Cell : (217)840-0601
http://www.ncsa.uiuc.edu/~jbarlow                    Fax : (217)244-1987



More information about the Kerberos mailing list