[OpenAFS] Kerberos 5-to-4 daemon
Douglas E. Engert
deengert@anl.gov
Tue, 29 Jul 2003 13:53:29 -0500
Matt Weatherford wrote:
>
> Does the krb524 daemon open up any security risks if run on
> a kerberos 5 server? If I want all my clients to use Kerb 5,
> does having the 524 daemon running allow users/clients (other than
> AFS clients) to use kerb 4 protocols to authenticate?
You can setup the krb524d to only translate the AFS key.
See the -k option, to use a keytab rather then KDC database.
>
> Will krb524 weaken the security of my Kerb 5 server?
>
> Thanks,
> Matt
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444