Douglas E. Engert
deengert at anl.gov
Mon Apr 19 11:37:50 EDT 2004
Milos Djukic wrote:
>
> How can Kerberos authenticate a user who isn't communicating through a Kerberized server? Will the request be automatically rejected as the user is trying to gain a service from an un-trusted server. If so, can the administrators of the Kerberos and the non-kerberos server set up trust, without instaling Kerberos on the latter?
>
It is not clear what you are asking, and others have given you answers. I would interprete
you question to be: Can the client side of Kerberos be used on a mcahine that is not
registered as a seerver?
The kinit program can be run on any machine, even if the machine is not defined as a service
in any realm. A user can even install in thier own directory the client components without
using root. As a minimum, the user would need the kinit, any libs, a client application, like rlogin,
and a kr5.conf file. The user can then use LD_LIBRARY_PATH to piont at the libs, and
KRB5_CONFIG to point at the krb5.conf.
>
> ---------------------------------
> Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download Messenger Now
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list