questions about pre-auth

Johannes russek johannes.russek at io-consulting.net
Thu Jun 10 10:01:12 EDT 2004


hi there
i'd like to allow my users access to a kerberized service from anywhere in
the internet. to use it even more secure, i'd like to require pre-auth, so i
have control over the client machines.
now my question: is the hostname part in the client-machines host/foo at REALM
ticket as sensitive as server-machine host ticket hostnames are? am i only
able to use pre-auth for machines, that have static hostnames?
what about dynamic hostnames for mobile users for example?
best regards, johannes russek



More information about the Kerberos mailing list