running krb5kdc from xinetd
Leland Wallace
randall at apple.com
Wed Feb 25 15:35:34 EST 2004
On Feb 25, 2004, at 11:50 AM, Sam Hartman wrote:
>>>>>> "Leland" == Leland Wallace <randall at apple.com> writes:
<snip>
> The KDC does not support running out of inetd. Reasons adding this
> support would be a b bad idea include:
> * Setting up the PRNG for key generation
>
> * The lookaside cache for retransmitting replays
>
> * Binding to both TCP and UDP
>
sounds reasonable,
is there a way to have the kdc launched on demand (not for every
request, but for 5 min at a time or so, or the replay cache ttl)
possibly separating the PRNG setup to something external? [storing the
state in a randseed file] (this one probably belongs on the krbdev
list).
what other fixed initialization is required?
Leland
+-----------------------------------------------------------------------
------------
Leland Wallace Working in Core Servers
randall at apple.com but not speaking for Apple Computer Inc.
http://homepage.mac.com/randall
+-----------------------------------------------------------------------
------------
More information about the Kerberos
mailing list