packets to arbitrary port numbers. Similarly, if your users need to run
@code{rsh} from inside your firewall to hosts outside your firewall, the
outside server needs to be able to connect to an arbitrary port on the
-machine inside your firewall. Because @value{PRODUCT} @code{rcp} and
-@code{krdist} use @code{rsh}, the same issues apply to these programs.
-If you need to use @code{rsh} (or @code{rcp} or @code{krdist}) through
-your firewall and are concerned with the security implications of
-allowing connections to arbitrary ports, @value{COMPANY} suggests that
-you have rules that specifically name these applications and, if
-possible, list the allowed hosts.
+machine inside your firewall. Because @value{PRODUCT} @code{rcp} uses
+@code{rsh}, the same issues apply. If you need to use @code{rsh} (or
+@code{rcp}) through your firewall and are concerned with the security
+implications of allowing connections to arbitrary ports, @value{COMPANY}
+suggests that you have rules that specifically name these applications
+and, if possible, list the allowed hosts.
A reasonably good cookbook for configuring firewalls is available by FTP
from @code{ftp.livingston.com}, in the location:
The Kerberized client programs are @code{login.krb5}, @code{rlogin},
@code{telnet}, @code{ftp}, @code{rcp}, @code{rsh}, @code{kinit},
-@code{klist}, @code{kdestroy}, @code{kpasswd}, @code{ksu},
-@c @code{krb524init},
-and @code{krdist}. All of these programs are in the directory
+@code{klist}, @code{kdestroy}, @code{kpasswd}, @code{ksu}, and
+@code{krb524init}. All of these programs are in the directory
@code{@value{ROOTDIR}/bin}, except for @code{login.krb5} which is in
@code{@value{ROOTDIR}/sbin}.
@c @code{krb524init},
@code{klist}, @code{kdestroy}, and to use the Kerberos programs
@c @code{pfrom},
-@code{ksu}, @code{kpasswd}, and @code{krdist}, in place of their
-non-Kerberos counterparts
+@code{ksu}, and @code{kpasswd} in place of their non-Kerberos
+counterparts
@c @code{from}
@code{su}, @code{passwd}, and @code{rdist}.
The @value{PRODUCT} @dfn{network programs} are those programs that
connect to another host somewhere on the internet. These programs
include @code{rlogin}, @code{telnet}, @code{ftp}, @code{rsh},
-@code{rcp}, @code{krdist}, and @code{ksu}. These programs have all of
-the original features of the corresponding non-Kerberos @code{rlogin},
-@code{telnet}, @code{ftp}, @code{rsh}, @code{rcp}, @code{rdist}, and
-@code{su} programs, plus additional features that transparently use your
-Kerberos tickets for negotiating authentication and optional encryption
-with the remote host. In most cases, all you'll notice is that you no
-longer have to type your password, because Kerberos has already proven
-your identity.
+@code{rcp}, and @code{ksu}. These programs have all of the original
+features of the corresponding non-Kerberos @code{rlogin}, @code{telnet},
+@code{ftp}, @code{rsh}, @code{rcp}, and @code{su} programs, plus
+additional features that transparently use your Kerberos tickets for
+negotiating authentication and optional encryption with the remote host.
+In most cases, all you'll notice is that you no longer have to type your
+password, because Kerberos has already proven your identity.
The @value{PRODUCT} network programs allow you the options of forwarding
your tickets to the remote host (if you obtained forwardable tickets
* rsh Reference::
* rcp Reference::
* ksu Reference::
-* krdist Reference::
@end menu
@node kinit Reference, klist Reference, Kerberos V5 Reference, Kerberos V5 Reference
Type @kbd{M-x manual-entry rcp} to read this manual page.
@end ifinfo
-@node ksu Reference, krdist Reference, rcp Reference, Kerberos V5 Reference
+@node ksu Reference, , rcp Reference, Kerberos V5 Reference
@section ksu Reference
@iftex
Type @kbd{M-x manual-entry ksu} to read this manual page.
@end ifinfo
-@node krdist Reference, , ksu Reference, Kerberos V5 Reference
-@section krdist Reference
-
-@iftex
-@special{psfile=krdist1.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-
-@special{psfile=krdist2.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-
-@special{psfile=krdist3.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-
-@special{psfile=krdist4.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-
-@special{psfile=krdist5.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-
-@special{psfile=krdist6.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-
-@special{psfile=krdist7.ps voffset=-1115 hoffset=-40}
-@centerline{Reference Manual for @code{krdist}}
-@page
-@end iftex
-@ifinfo
-Type @kbd{M-x manual-entry krdist} to read this manual page.
-@end ifinfo
-
@node Kerberos Glossary, , Kerberos V5 Reference, Top
@appendix Kerberos Glossary
projects / krb5.git / commitdiff