Last week, I asked:
>We're in the process of upgrading our modem service, one aspect of which will
>be to introduce authentication, ie, every user will have to provide a username
>and password before they can connect.
>
>The terminal servers we are considering offer a variety of mechanisms for
>doing this - TACACS, Kerberos, etc.
>
>However, a number offer Kerberos only. We don't have any experience here with
>Kerberos, and don't really want (ie, haven't got the time) to go into the
>whole of Project Athena.
>
>Is there a stand-alone Kerberos server that one can just retrieve and make?
>
>I'm interested in Kerberos for OSF if possible, but for other versions of unix
>(eg, SunOS) would be ok (in fact desirable for a backup server).
I got several replies, all different. Here they are:
From: Spider Boardman <spider_at_Orb.Nashua.NH.US>
>Ask your Digital account rep about CySecure. It's an
>about-to-be-released product from the DECAthena folks. They
>provide Kerberos servers for DEC OSF/1 and some other UNIX-type
>platforms. I don't know for sure which other ones, though.
From: Ezra Peisach <epeisach_at_MIT.EDU>
>For OSF/1 I made some patches - but I never tested a kerberos server...
>
>You may want to contact cygnus. I believe they have an OSF/1 port -
>server included....
From: "Doug McPherson (617) 441-4565" <DOUGM_at_delphi.com>
>We've found that Radius is a convenient and flexible way to authenticate
>our dialin users. Radius is flexible in that it allows you to insert
>whatever authentication mechanism you want on the radius server (radius
>only defines the dialog between the client and server -- not the
>authentication mechanism itself). I.e. it can use plain ascii files or
>the unix password file on the radius server, if wanted. There are also
>companies out there who have modified the server to include support of
>kerberos and challenge/response applications. [The radius protocol allows
>for challenge/respose dialogs.]
>
>The reference server code that radius has made available (radius 1.16)
>works with their access servers as well as any other device that inplements
>the radius protocol (USR, Xylogics, Ascend, a few others). I know that
>Xyplex will be including Radius support in their access servers real soon
>now, so ask them about it.
>
>For more info on radius, et al, anon ftp to ftp.livingston.com/pub/radius.
>Look over the white paper and the rfc drafts for more details.
From: David Millsom <dave_at_pa1.interserve.com>
>We too have been looking for kerberos for OSF to serve a terminal
>server. We were not successful in finding one so I am porting it.
>I have it partly working but am still ironing out the bugs.
>If its legal to give it away, you can have it. No strings attached
>of course!!
David Morrison, Manager, Networks and Comms, Uni of Newcastle, Australia
David.Morrison_at_newcastle.edu.au or (VAX PSI) psi%0505249626002::sysnet
Phone: +61 49 215397 Fax: +61 49 216910
Education is no good unless you know it. The rest is just Useless Knowledge.
Received on Thu Feb 16 1995 - 22:48:17 NZDT