Future of kerberised telnet, login, rsh, ftp?

Howard Chu hyc at highlandsun.com
Tue Jul 5 23:00:41 EDT 2005

Andrew Bartlett wrote:
> As a relative newcomer to the kerberos world, I'm wondering what the
> future of tools like kerberised telnet, rsh, ftp and the like is.  It
> seems from my viewpoint that OpenSSH (with the gssapi mode) and things
> like pam_krb5 have taken over from these tools.
> I note that recent security advisories for both distributions were in
> these 'utility' programs (telnet, ftpd etc) rather than in the core
> kerberos code.  
> Do these tools still have wide use?  Is there a plan to phase them out,
> or maintain them separately to the main kerberos distribution?
> (This was brought up by a look we are taking on samba-technical about
> what proportion of Heimdal to import, with a strong view to avoid
> including these apps).

Just echoing that. I avoid using them as well, and we often run into 
difficulties porting these programs to our supported platforms. Their 
base code seems to be quite ancient, and ssh has supserseded all of 
their usefulness.

   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support

More information about the krbdev mailing list