Future of kerberised telnet, login, rsh, ftp?

John Rudd jrudd at ucsc.edu
Thu Jul 7 17:48:18 EDT 2005

On Jul 7, 2005, at 12:52 AM, Mans Nilsson wrote:

> Subject: Future of kerberised telnet, login, rsh, ftp? Date: Wed, Jul 
> 06, 2005 at 11:20:41AM +1000 Quoting Andrew Bartlett 
> (abartlet at samba.org):
>> As a relative newcomer to the kerberos world, I'm wondering what the
>> future of tools like kerberised telnet, rsh, ftp and the like is.  It
>> seems from my viewpoint that OpenSSH (with the gssapi mode) and things
>> like pam_krb5 have taken over from these tools.
> I use them, support them and want them. They are vital to our IT
> infrastructure. The telnet client is IME better on really bad
> networks, which one sometimes must use.

Yeah, I depend heavily on kerberized rsh and rcp for automated tasks.  
And I use kerberized rlogin quite a bit too.

AFAIK, I wouldn't be able to take a kerberos ticket on my local 
machine, use it to authenticate to sshd on a remote host, forward the 
ticket to the remote host, and have the remote host immediately take 
that forwarded ticket and get me an AFS token.  I'm not aware of any 
way to do that only using ssh (at least not with a pre-canned one -- 
installing patches that wont apply against any and every version of 
OpenSSH is not an acceptable solution).

Until ssh can do that, it wont be something I use heavily at work.  
It's just what I use to get back and forth between home machines and 
work machines (because I don't run kerberos at home).

More information about the krbdev mailing list