[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]
Doug Hughes doug@gblx.net
Mon, 21 May 2001 08:19:26 -0700 (PDT)
On Mon, 21 May 2001, Bryan Stansell wrote: > On Mon, May 21, 2001 at 11:29:36AM +0100, Iain Rae wrote: > > Do we just want to have encrypted channels or to handle things like Kerberos > > authentication? > > Encryption would be extremely nice...whatever type (I'd like to not > have to install ssl certs, but others probably would, to verify it's > really their console server - just a thought). Authentication, on the > other hand, is another beast and, while it too would be great > (kerberos, securid, s-key, ...), it's a whole different set of code > manipulation and I'd suggest thinking about them separately. > > > Which protocols would we want (I suspect SSL will be the easiest way to get > > some kind of encrypted channel, but we (dcs) would want Kerberos and possibly > > ssh)? > > > > Is it a compilation/configuration choice or should conserver support multiple > > different systems? > > My first thought is it should be a compilation choice - you don't want > to have to have kerberos, ssh, and ssl libraries to just compile the > thing. Would anyone want to run multiple protocols within a conserver > installation? I'd think not (beyond the "that would be cool" factor), > but, opinions? I know I'd just pick one and compile it in. > I'd opt for: [configure] --with-openssl=... --with-ssl-cert=... --with-libcrypto=... --with-kerbv5=... (type of stuff - make them all independent modules) Doug