BILLW@MATHOM.CISCO.COM (William Westfield) (10/15/87)
Is there a spec for a general purpose authentication service? What I want is somewhere I can send a UDP datagram containing things like my host name, my user name, my password, and perhaps other info (all somewhat encrypted, hopefully), and get back a response that says yes or no. (note that this is different than the TCP level authentication server described in rfc931...)

Thanks
Bill Westfield
cisco Systems.
STJOHNS@SRI-NIC.ARPA (10/15/87)
Bill,

I've been trying to get out an RFC detailing the protocol we use between the TACs and the TACACS boxes, but I haven't had a chance to edit it and format it properly. I can send you a copy (paper) if you want to take a look at it. Sorry, it isn't wrapped in anything resembling encryption.

Mike
geoff@eagle_snax.UUCP ( R.H. coast near the top) (10/18/87)
I faced this problem with PC-NFS: how do you "log in" to a PC and acquire credentials to use over the wire. Finding nothing in the standards world, I rolled my own: a fairly trivial RPC-based implementation. The server side code ("pcnfsd") is in the public domain, and a number of people are using it. It doesn't use encryption (useless unless you're going to do it ALL right: see the "Secure RPC" paper from one of the recent Usenix's) but it does use a rot13-like scrambling to discourage casual browsers.

--
Geoff Arnold, Sun Microsystems       | "Picture a bright blue ball,
East Coast Division (home of PC-NFS) |  Spinning, spinning free;
UUCP: {ihnp4,decwrl,...}!sun!garnold |  Dizzy with possibility...
ARPA: garnold@sun.com                |  Ashes, ashes, all fall down..."