cvs commit: src/release Makefile src/release/scripts
crypto-install.sh
Garrett Wollman
wollman at lcs.mit.edu
Wed Apr 30 12:17:10 PDT 2003
<<On Wed, 30 Apr 2003 11:16:03 -0700, Kris Kennaway <kris at obsecurity.org> said:
> Hmm, is it really a good idea to combine crypto and krb5? krb5 is, I
> suspect, a rarely-used feature in the wild.
``The wild'' contains lots and lots of Windows Active Directory
implementations.
For any operation larger than a few dozen hosts, Kerberos is a great
deal easier to manage than n^2 SSH key combinations. (This presumes
that you have a working version of Kerberized SSH, which at present
means OpenSSH 3.4 with the patches.) Even for relatively small
installations, the convenience factor can be significant, particularly
when integrated with other operating systems infrastructure.
-GAWollman
More information about the cvs-src
mailing list