>In message <199409031509.KAA22214@MindBender.HeadCandy.com>you write:
>->Kerberos requires a dedicated server (i.e. a machine not used for
>->anything but kerberos).  You can find the kerberos sources on
>->gatekeeper.dec.com, among other places.
>
>Our Ultrix machine runs the kerberos master quite happily.  
>An we do work on it, because its ridiculous to hve this beast sitting there
>and doing only kerberos.
>
>Anyway, the Ultrix docs do not mention the need of a dedicated kerberos
>master server.
>
>On the other Hand, Ultrix may be using kerberos IV.

As for Kerberos 4, you do not *need* a dedicated server, but it is rather
insane not to have one.  If Kerberos is comprimised, there goes the purpose
of having Kerberos in the first place.

vorpal.com uses kerberosIV, and the master server is ``insecure'' but that's
ok -- we're only using it to cross-realm authenticate and to keep people out
of our machines.  Everyone here at home has root to everyone else's machines.

--Michael

--
Michael Graff                 <explorer@vorpal.com>
1304 Florida #3               (515) 296-2735
Ames, IA  50014           PGP key on a server near YOU!