Vendor comments on plan to remove telnet, ftp and eventually appl/bsd

Sam Hartman hartmans at MIT.EDU
Fri Jul 19 09:43:00 EDT 2002

Hi.  We (MIT Kerberos developers) have known for some time that we
don't do a particularly good job of maintaining the Kerberized
applications.  We're focusing on the core libraries, tests, KDCs and
on work within the IETF.

So far we have kept the applications in our release because we believe
it is important for people to be able to have Kerberos versions of the
standard UNix network applications.

However if someone else is (or can be encouraged to) maintain these
applications with Kerberos support, we'd rather see that happen.  This
is especially true if that set of applications is better maintained
than ours.

We'd like to find specific replacements for ftp, telnet, telnetd and
ftpd that implement Kerberos versions 4 and 5.  

After confirming that we have a specific recommendation we would like
to stop shipping these applications.  For telnet and ftp, we are
considering looking at the SRP Telnet distribution.

We'd like to completely get rid of the BSD applications (including
login.krb5, rsh, rlogin and rcp).  I believe that we should wait until
draft-ietf-secsh-gsskeyex is a proposed standard fully implemented by
at least one free Ssh implementation before dropping rsh, rlogin and
rcp.  Others have prop.proposed that we simply drop the BSD
applications now.

I'm seeking vendor and site integrater comments on this
comments on this proposed direction.

I'd also like to get people together who would be willing to test
proposed candidates for the recommended telnet and ftp replacement to
make sure they actually do meet your needs.  People who could write up
what those needs are would also be welcome.

Finally if there are any other open-source Kerberos telnet or ftp
implementations we should consider besides SRP, please let us know.

More information about the krbdev mailing list