Several different versions and distributions of Kerberos are available. Most of them are based
on MIT distributions in one form or another, but the lineage isn’t always simple to trace. The
newest version of MIT Kerberos is version 5. Versions 4 and 5 are based on completely
different protocols. The MIT Kerberos version 5 distribution contains some compatibility
code to support conversion from version 4:
on MIT distributions in one form or another, but the lineage isn’t always simple to trace. The
newest version of MIT Kerberos is version 5. Versions 4 and 5 are based on completely
different protocols. The MIT Kerberos version 5 distribution contains some compatibility
code to support conversion from version 4:
- The Kerberos version 5 server can optionally service version 4 requests.
- A program enables users to convert a version 4 format Kerberos database to a version 5
format database. - An administration server that accepts version 4 protocol and operates on a version 5 database.
Some distributions are freely available, some are stand-alone commercial products, and others
are part of a larger free or commercial system.
Versions of Kerberos Version 4
There are several VERSION 4 distributions available. Because version 4 is not totally compatible
with version 5, organizations starting new Kerberos installations should consider starting
at version 5.
MIT Kerberos Version 4 Availability
MIT version 4 is freely available in the U.S. and Canada through anonymous FTP from
athena-dist.mit.edu (18.71.0.38). For specific instructions, change to the pub/Kerberos directory and download the file README.KRB4 (for version 4) or README.KRB5 (for
version 5), both of which are text files that explain the export restrictions and contain detailed
instructions on how to download the source code via anonymous FTP. Locations outside
North America may use the Bones version.
Transarc Kerberos
A second distribution of Kerberos version 4 is available as a commercial product from
Transarc. Years ago, the designers of AFS decided to implement their own security system
based on the Kerberos specification rather than using MIT Kerberos version 4, which then was
not publicly available. Consequently, Transarc’s AFS Kerberos speaks a slightly different
protocol but also understands the MIT Kerberos version 4 protocol. They can, in principal,
talk to each other. Enough annoying incompatible details, however, make it impractical.
DEC Ultrix Kerberos
A third distribution of Kerberos version 4 is available from Digital Equipment Corporation.
Aside from a few changes, DEC’s commercial version essentially matches MIT Kerberos
version 4.
are part of a larger free or commercial system.
Versions of Kerberos Version 4
There are several VERSION 4 distributions available. Because version 4 is not totally compatible
with version 5, organizations starting new Kerberos installations should consider starting
at version 5.
MIT Kerberos Version 4 Availability
MIT version 4 is freely available in the U.S. and Canada through anonymous FTP from
athena-dist.mit.edu (18.71.0.38). For specific instructions, change to the pub/Kerberos directory and download the file README.KRB4 (for version 4) or README.KRB5 (for
version 5), both of which are text files that explain the export restrictions and contain detailed
instructions on how to download the source code via anonymous FTP. Locations outside
North America may use the Bones version.
Transarc Kerberos
A second distribution of Kerberos version 4 is available as a commercial product from
Transarc. Years ago, the designers of AFS decided to implement their own security system
based on the Kerberos specification rather than using MIT Kerberos version 4, which then was
not publicly available. Consequently, Transarc’s AFS Kerberos speaks a slightly different
protocol but also understands the MIT Kerberos version 4 protocol. They can, in principal,
talk to each other. Enough annoying incompatible details, however, make it impractical.
DEC Ultrix Kerberos
A third distribution of Kerberos version 4 is available from Digital Equipment Corporation.
Aside from a few changes, DEC’s commercial version essentially matches MIT Kerberos
version 4.
No comments:
Post a Comment