Tech Insider					     Technology and Trends


		      Kerberos Mailing List Archives

From mtc@ATHENA.MIT.EDU  Mon Jun 30 16:49:26 1986
To: kerberos
Subject: initial version of kerberos-authenticated rlogin etc
Date: Mon, 30 Jun 86 16:47:04 -0500
From: Mark Colan <mtc@ATHENA.MIT.EDU>

This memo describes the use of the initial version of the remote
services (rlogin, rcp, rsh) that use Kerberos authentication.
This software is still in slightly rough shape and is will be
undergoing some development for the next week or so, depending
on the types of bugs found.

At the moment, these programs use a very slightly modified "protocol"
from the original utilities.  A new protocol may be developed if
Athena mgt decides that this is appropriate use of resources.

INSTALLING THE SOFTWARE

The following files are located in goanna:krb/bin.  They can be
installed in any directory on the host machine, but a symbolic
link /krb must point to their home.

	rshd,kshd	remote shell daemon; same file, different links
	rlogind,klogind	login daemon; same file, different links
	rlogin,rcp,rsh	the user programs to access remote services
	login		called by rlogind

 Note that rlogin, rcp, and rsh must be owned by root and set uid, as in:

	su
	chown root rlogin rcp rsh
	chmod 4555 rlogin rcp rsh

CONFIGURATION FILES

Two files require new entries to use these programs.  

/etc/inetd.conf: Add these two lines at the end of the file:

kshell	stream	tcp	nowait	root	/krb/kshd	kshd
klogin	stream	tcp	nowait	root	/krb/klogind	klogind

After updating /etc/inetd.conf, you must cycle inetd to get it
to read the changes:

	su
	ps -aux | grep inetd
	kill -9 		where  came from the ps, above.
	inetd

/etc/services:  Add these lines somewhere in the file:

#
# Kerberos-authenticated services
#
klogin		543/tcp
kshell		544/tcp		cmd		# no passwords used

In addition, the usual Kerberos configuration files, /etc/srvtab and
/etc/k_in_tkts must be properly set up; see bcn for more information
on the required changes.  Also, new entries are required in the
Kerberos database to enable a particular user to use services.

Please report problems and bugs to mtc.

mtc

			      USENET Archives


The materials and information included in this website may only be used
for purposes such as criticism, review, private study, scholarship, or 
research.


Electronic mail:			       WorldWideWeb:
   tech-insider@outlook.com			  http://tech-insider.org/