Re: IPsec vs SSH (Was Re: in.telnetd vulnerability??)
From: Darren Moffat (Darren.Moffat@eng.sun.com)Date: 08/04/01
- Previous message: Ryan Russell: "Re: in.telnetd vulnerability??"
- Maybe in reply to: Darren Moffat: "IPsec vs SSH (Was Re: in.telnetd vulnerability??)"
- Next in thread: adam morley: "Re: IPsec vs SSH (Was Re: in.telnetd vulnerability??)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200108032220.f73MKlb108230@jurassic.eng.sun.com> Date: Fri, 3 Aug 2001 15:19:29 -0700 (PDT) From: Darren Moffat <Darren.Moffat@eng.sun.com> Subject: Re: IPsec vs SSH (Was Re: in.telnetd vulnerability??) To: adam@gmi.com
>is kerberos pretty easy to configure and manage? straightforward? the one
>thing i remember about kerberos is that one has to login to ones key or get
>their ticket or something to that effect. or is that handled on login?
On Solaris you don't need to do the kinit because it can be handled by
the pam_krb5 module when you login via dtlogin or telnet/rlogin etc.
Personally I don't think kerberos is any more difficult to manage than
NIS but then I'm pretty familiar with it and I also think NIS+ is easier
than NIS but I know NIS and NIS+ at the code level too so I'm not a good
one to judge how easy they are to use for a sysadmin.
Kerberos setup is well documented in on docs.sun.com, just search for
SEAM and this will tell you everything from the KDC setup to setup of
telnetd and NFS.
Given what you said though I think IPsec is probably more where you
should be going if you have traffic other than "remote login" and NFS.
-- Darren J Moffat
- Previous message: Ryan Russell: "Re: in.telnetd vulnerability??"
- Maybe in reply to: Darren Moffat: "IPsec vs SSH (Was Re: in.telnetd vulnerability??)"
- Next in thread: adam morley: "Re: IPsec vs SSH (Was Re: in.telnetd vulnerability??)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
