[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hurd does NOT need /hurd

Andrew Suffield <asuffield@debian.org> writes:

> That sure sounds like kerberos to me. Or at least one of the many
> things kerberos can do.

Perhaps. There are some similarities in structure. I'm not terribly
familiar with typical kerberos usage, but I thought one of the points
were that you can get some of your processes running on a machine,
without your clear text password ever entering that machine.

If one runs one's kerberos client, the login session, and the
kerberos ticket-granting server all on the same machine, then it
resembles the Hurd's passwd server, but I don't think that's a common

To use the Hurd and kerberos, you'd want a server that hands out an
authentication token in response to a kerberos ticket, but noone have
written anything like that yet, I think.

One other important component in the Hurd is the auth server, which is
used for things like validation of auth tokens that client processes
claim to have. This is the most central component for Hurd access
control, I think. The passwd server is a more peripheral component
which is used only by programs such as login, su, and addauth.


To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: