question about FTP and kerberos
Danilo Almeida
dalmeida at MIT.EDU
Thu Mar 13 01:35:51 EST 2003
This also depends on what the client and server ftp programs are.
- Danilo
-----Original Message-----
From: kerberos-bounces at MIT.EDU [mailto:kerberos-bounces at MIT.EDU] On Behalf
Of Donn Cave
Sent: Sunday, March 09, 2003 8:18 PM
To: kerberos at mit.edu
Quoth reading-FAQ at verizon.net:
| If I add a user to my W2K Domain controler, and then they log in
| from outside my network, will the ftp files and password be encrypted?
|
| or should I stick to SSH and sftp ?
|
| I think ??? I understand the network authentication part of
| kerberos, but does it also encrypt the password? I think not. help
No, it doesn't encrypt the password, but it doesn't transmit it in
clear text either. Kerberos uses the password as [... stuff that
you have already read about ...] The bottom line is that the password
is not only protected from network sniffing, it's even protected from
the service you're authenticating to.
Kerberos5 (a.k.a. GSSAPI) ftp supports data encryption also, if you
want. But you need a Kerberos ftp, which I guess for Windows means
Kermit or WRQ Reflection, maybe others.
Donn Cave, donn at drizzle.com
More information about the Kerberos
mailing list