Host principals

Neulinger, Nathan nneul at umr.edu
Tue May 4 10:53:13 EDT 2004


Host principals are not for the host to authenticate, it's for users to
authenticate to that host. i.e. ssh w/ gssapi, krb telnet, krb ftp, etc.


Yeah, the host _can_ authenticate with that, but that's not what it's
usually used for. It's not needed in any way for clients. 

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul at umr.edu
University of Missouri - Rolla         Phone: (573) 341-6679
UMR Information Technology             Fax: (573) 341-4216
 

> -----Original Message-----
> From: kerberos-bounces at MIT.EDU 
> [mailto:kerberos-bounces at MIT.EDU] On Behalf Of Sensei
> Sent: Monday, May 03, 2004 10:43 AM
> To: kerberos at MIT.EDU
> Subject: Host principals
> 
> Hi.
> 
> I was wondering if the host/host.name.dom is really 
> necessary. I mean, 
> on one hand, it's ok if just certain hosts can authenticate, 
> but on the 
> other hand, it's really constrictive.
> 
> What if someone wants to use a pc from home? How's it 
> possible to enable 
> kerberized applications and authentication without the host 
> principals? 
> And would you do that?
> -- 
> Sensei    <mailto:senseiwa at tin.it>
>            <icqnum:241572242>
>            <msn-id:Sensei_Sen at hotmail.com>
> Error: Keyboard not found. Press F1 to continue...
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
> 
> 



More information about the Kerberos mailing list