kolk@SMILEY.STANFORD.EDU (Dan Kolkowitz) (05/12/89)
This is a description of a small change to the application login.krb (BSD login) that makes the use of Kerberos a little more transparent.

As currently constructed, login (login.krb) passes across a null instance for the user to get a ticket for "krbtgt". This means that the user's password needs to be the same as the user's Kerberos key in order to decrypt the response. This seems undesirable, since all hosts then need to have the same password to enable login to get keys.

A simple modification to login.c and kerberos.c changes that: instead of passing across a null instance in the initial request, one can pass across the actual host making the request. If the principal and instance (the user and hostname) are registered with the Kerberos server, then the server encrypts the returned ticket in the user's private key for that instance. The only change to kerberos.c is to use the user's private key for the realm (the null instance) when a [user,instance] pair doesn't exist. In that case it simply acts as before--it uses the user's Kerberos key for the response.

The final effect of all of this is that passwords can differ across hosts while the ticket-granting behavior stays the same. I've made these changes and it seems to work. The next change in the same direction is to have /bin/password update the key in an authenticated manner.

Dan
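The exchange described above, modelled as an added example that is not the original login.krb or kerberos.c code: the client sends its hostname as the instance, and the server picks the [user,instance] key, falling back to the null-instance key. The key-derivation function, the XOR cipher standing in for DES, the principal names and the passwords are all constructed for illustration.

```python
from hashlib import sha256
from itertools import cycle

def string_to_key(password: str) -> bytes:
    """Hypothetical string-to-key: derive a fixed-length key from a password."""
    return sha256(password.encode()).digest()

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR stand-in for the DES used by Kerberos v4; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))

# Constructed KDC database: (principal name, instance) -> key.
# "dan" has a host-specific key for host "smiley" and a null-instance (realm) key.
KDC_DB = {
    ("dan", ""): string_to_key("realm-password"),
    ("dan", "smiley"): string_to_key("smiley-password"),
}

TGT_MARKER = b"krbtgt-ticket"  # constructed stand-in for the ticket body

def kdc_tgt_response(name: str, instance: str) -> bytes:
    """Server side (the kerberos.c change): encrypt the TGT reply in the
    [name, instance] key, or in the null-instance key when that pair is absent."""
    key = KDC_DB.get((name, instance))
    if key is None:
        key = KDC_DB.get((name, ""))
    if key is None:
        raise KeyError(f"unknown principal {name}")
    return toy_cipher(key, TGT_MARKER)

def login(name: str, host: str, password: str, send_host_instance: bool = True) -> bool:
    """Client side (the login.c change): request krbtgt with the local host as the
    instance (new behaviour) or a null instance (old behaviour), then check whether
    the password-derived key decrypts the reply."""
    instance = host if send_host_instance else ""
    reply = kdc_tgt_response(name, instance)
    return toy_cipher(string_to_key(password), reply) == TGT_MARKER

if __name__ == "__main__":
    # New behaviour: the per-host password works on smiley, the realm password elsewhere.
    print(login("dan", "smiley", "smiley-password"))    # True
    print(login("dan", "smiley", "realm-password"))     # False
    print(login("dan", "otherhost", "realm-password"))  # True (null-instance fallback)
    # Old behaviour: with a null instance only the realm password ever works.
    print(login("dan", "smiley", "smiley-password", send_host_instance=False))  # False
```

Note that the fallback also means a host whose [user,instance] pair was never registered quietly accepts the realm password, so the per-host keys are only as complete as the server's database.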