port-mac68k: Re: secr distributution

Subject: Re: secr distributution
To: None <port-mac68k@NetBSD.ORG>
From: Christopher J Mason <cmason+@CMU.EDU>
List: port-mac68k
Date: 09/29/1997 15:43:38
Excerpts from internet.computing.netbsd.port-mac68k: 17-Sep-97 Secr
Distribution by Tommy Tarka@clockwork.de 
>   As the secr distribution seems to have kerberos, does anyone know if it
> has the "afs" patches installed and/or what distribution (I know it's V4,
> but what *flavor* of V4...) it is?

If you ask because you want to get NetBSD Kerb4 to work with CMU andrew
kerb4, the answer is a rather confusing "yes and no."

Yes, -current NetBSD kerb4 has AFS string2key routines in it.  I've
successfully gotten NetBSD kerb4 to kinit to andrew.  Yes, I have zephyr
installed and working (think I got it somewhere under
/afs/andrew/system/src/local/)  I think this afs str2key stuff is in
there by default but you might need to add a -DAFS or something similar
(its been a while).

No, -current NetBSD kerb4 is not CMU Andrew kerb4.  There are still
incompatibilties.  For example, I've never gotten ksrvutil to "change" a
key so that I can have my own instance, to do stuff like
authenticated/encrypted telnet _in_ to my NetBSD machine (which is also
a IIcx).  NetBSD's ksrvutil gives some "can't contact KDC" or "password
incorrect" when I know the password is right.  Some other kerb4s
(notably the eBones which is in that afs dir above) _crash_ my machine
on just about any kerberos operation other than kinit (like ksrvutil
change or telnet -a into my machine).  I think CMU has messed with kerb4
just enough to make it not interoperate with NetBSD kerb4.  Also NetBSD
ftp/d doesn't do kerb4 authentication.

I'd love to get this stuff to work (particularly authenticated telnet
in), but I've played with it for _hours_ and haven't had much luck. 
Right now I'm using ssh to do this, but i'd much rather use telnet.

Let me know if you ever get it to work.

Also, there was talk once of having /afs on NetBSD/mac68k, but I don't
know what became of that.

-c
 _____________________________________________________________________
|Chris Mason - cmason@nyx.net  cmason@cmu.edu  http://ros.res.cmu.edu |
|"You can always count on a murderer for a fancy prose style."-Nabokov|
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

--OAA12438.875558447/po7.andrew.cmu.edu--