Data encryption question
Ken Raeburn
raeburn at MIT.EDU
Tue Mar 22 15:47:27 EST 2005
On Mar 21, 2005, at 13:31, Towles, Perry M wrote:
> Does Kerberos only encrypt the user name and password and allow the
> datagram package to be sent in the clear? Unlike SSH which encrypts
> the
> tunnel and has a higher cost overhead in the WAN domain.
The password is never sent in the core Kerberos protocol, encrypted or
not. It's used to generate an encryption key. See RFC 1510 for what
parts of what messages are encrypted or not.
Ken
More information about the Kerberos
mailing list