Can't use NAT
donn at u.washington.edu
Fri Sep 27 16:58:00 EDT 2002
Quoth "Douglas E. Engert" <deengert at anl.gov>:
| Alexandra Ellwood wrote:
|> Protocols use GSSAPI and require channel bindings (such as some ftp
|> servers) will also not work even if you have addressless Kerberos 5
|> tickets because channel bindings contain IP address information.
| If you realy want FTP to work (really gssapi on WIN32) as well, we have a mod:
At present (in 1.2.6), a site that wants to support NAT to GSS ftp
on UNIX only needs to replace the channel binding parameter to
gss_accept_security_context() with GSS_C_NO_CHANNEL_BINDINGS, right?
Would it be a good idea for that to be the standard in future releases,
or at least a flag option as submitted by Steven Michaud 8 Aug 2001?
Donn Cave, donn at u.washington.edu
More information about the krbdev