suggestion: move krb5 daemons to krb5-daemons subpackage
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Tue Nov 23 22:36:15 UTC 2004
sopwith at redhat.com (Elliot Lee) writes:
> kshd/klogind are fully encrypted if set up correctly. They're also a
> lot faster than ssh.
Setting up krb5 correctly without virtualization technology (e.g. vserver)
or much money for extra hardware and powersupply is nearly impossible...
Else, you will have only trouble with hostname vs. DNS name conflicts
and/or multi-homed hosts.
The shipped KRB5 implementation misses features like replication or support
for renaming of principals; and the rest of the system misses krb5 support
completely (cups, w3m, svn), nobody cares about it (e.g. no SPNEGO support
in firefox because missing buildrequires) or its implementation is not
well-thought (e.g. login for local accounts fails when network is down).
ssh is much easier to use and provides neat features like encryption of
X11 connections.
Enrico
More information about the devel
mailing list