> Excerpts from internet.computing.netbsd.port-mac68k: 17-Sep-97 Secr
> Distribution by Tommy Tarka@clockwork.de 
> >   As the secr distribution seems to have kerberos, does anyone know if it
> > has the "afs" patches installed and/or what distribution (I know it's V4,
> > but what *flavor* of V4...) it is?
> 
> If you ask because you want to get NetBSD Kerb4 to work with CMU andrew
> kerb4, the answer is a rather confusing "yes and no."
> 
> Yes, -current NetBSD kerb4 has AFS string2key routines in it.  I've
> successfully gotten NetBSD kerb4 to kinit to andrew.  Yes, I have zephyr
> installed and working (think I got it somewhere under
> /afs/andrew/system/src/local/)  I think this afs str2key stuff is in
> there by default but you might need to add a -DAFS or something similar
> (its been a while).
> 
> No, -current NetBSD kerb4 is not CMU Andrew kerb4.  There are still
> incompatibilties.  For example, I've never gotten ksrvutil to "change" a
> key so that I can have my own instance, to do stuff like
> authenticated/encrypted telnet _in_ to my NetBSD machine (which is also
> a IIcx).  NetBSD's ksrvutil gives some "can't contact KDC" or "password
> incorrect" when I know the password is right.  Some other kerb4s
> (notably the eBones which is in that afs dir above) _crash_ my machine
> on just about any kerberos operation other than kinit (like ksrvutil
> change or telnet -a into my machine).  I think CMU has messed with kerb4
> just enough to make it not interoperate with NetBSD kerb4.  Also NetBSD
> ftp/d doesn't do kerb4 authentication.

I've got authenticated telnetting in to work here at Stanford, though I
don't know what kind of kerberos we're using (we use the afs string2key,
and I _think_ it's CMU kerberos, but I'm not sure).

I just checked, and I think we use mit kerberos for most stuff.  There were
no CMU copyrights in the binary. :-(

I'd suggest either ktrace telnetd, and/or lots of printf's.

Take care,

Bill