From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: tuhs-bounces@minnie.tuhs.org X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: * X-Spam-Status: No, score=1.1 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE,SUBJ_ALL_CAPS autolearn=no autolearn_force=no version=3.4.2 Received: from minnie.tuhs.org (minnie.tuhs.org [45.79.103.53]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id 124a812a for ; Mon, 5 Nov 2018 01:13:45 +0000 (UTC) Received: by minnie.tuhs.org (Postfix, from userid 112) id 037CCA2302; Mon, 5 Nov 2018 11:13:44 +1000 (AEST) Received: from minnie.tuhs.org (localhost [127.0.0.1]) by minnie.tuhs.org (Postfix) with ESMTP id B1249A21F2; Mon, 5 Nov 2018 11:13:22 +1000 (AEST) Received: by minnie.tuhs.org (Postfix, from userid 112) id 149C8A21D9; Mon, 5 Nov 2018 09:49:19 +1000 (AEST) Received: from mail-it1-f175.google.com (mail-it1-f175.google.com [209.85.166.175]) by minnie.tuhs.org (Postfix) with ESMTPS id A3AE1A2154 for ; Mon, 5 Nov 2018 09:49:13 +1000 (AEST) Received: by mail-it1-f175.google.com with SMTP id b7-v6so10331834itd.5 for ; Sun, 04 Nov 2018 15:49:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2iyvVayNWWtS/1pvBDJTKBeqwp12roVqE2GGvTNjCA8=; b=uQA+MTGhm0Wk2zyIpLsdAI5849UhspyM8/kNuEPq4K81xcOvoAEOla3wXhzhGyF9nO WpP/JEVv6Fz3eTvh92+nm+zMrW1t5pzEMI5/vAWqO1YRWJQeM+ZnlmldNS5SPrdEF/He hzx1CSaGIUy0l7/mhEWdyACJx5D8Ld8fB8qI6gnIJgv2yF29ayXMOdxKIHJgNxIz6Q4F 0UNacsNQuCSImmJDHQnPvNfr4Pptd/JPSyiPvG6jWAjvFGMc3IuDRv3mYxSerCKx9SrF YyY0KaA2qCClAbIZNzDp0b+/KVZ0ySr3J5kOFq6jj70UrcKcii2UxlPjcQxil/ar/Va3 BRrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2iyvVayNWWtS/1pvBDJTKBeqwp12roVqE2GGvTNjCA8=; b=WIxtCZrMw0mbDncz8kkL3FLTHJstlnV/Qs6T3oYZzmOD5DIfpHMK4p6UTb+3vFqZ1C tjfjsiSpOD64QngRE3ASJJjsOoEG2EnsWzaOgAcvec2KoqUtY7wUY9rhCTT7lkhEW2f9 M8Sn3Sm5fMaLoKPHp9KBNoOBov+u6D7fI/vCU90H4raS6R7RhI4ESqLCpxZVvJOepmKB QI6O8uUAUBgNQSzJA1myVjsf22z3bRSgFbIxjmDkw+09eQC8sf/efixke2OM9887/6pJ aYeovHHM38zYheXVneEMwXNNXH0NcYyVlUyNq6ZpM7PU4ZGXqpwK7zo012WzksejrnGb UDKA== X-Gm-Message-State: AGRZ1gKZ3xnuN9YU3knMF67EmAggMTnOIKjSWp7daQpymFGWMiIa2nFI wtCutGBxnfwLkRl1Um1/5QCbEP48mLl15h0AJVLY3g== X-Google-Smtp-Source: AJdET5eE3vBDos794+juSQDVcXeYIywzX+XKHdP8DLCAgSIaEYkGow3nSCSYqHbngNWinhEwxOvp1cjjz6VGmCwl5Xw= X-Received: by 2002:a24:eb0b:: with SMTP id h11-v6mr4934107itj.47.1541375352924; Sun, 04 Nov 2018 15:49:12 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Warner Losh Date: Sun, 4 Nov 2018 16:49:01 -0700 Message-ID: To: grawity@gmail.com Content-Type: multipart/alternative; boundary="00000000000060986d0579df6a65" Subject: Re: [TUHS] YP / NIS / NIS+ / LDAP X-BeenThere: tuhs@minnie.tuhs.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: The Unix Heritage Society mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: TUHS main list , Grant Taylor Errors-To: tuhs-bounces@minnie.tuhs.org Sender: "TUHS" --00000000000060986d0579df6a65 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Sun, Nov 4, 2018 at 4:44 PM Mantas Mikul=C4=97nas wr= ote: > Kerberos exists too, but somewhat less common =E2=80=93 FreeIPA includes = it by > default, but many people just piggyback on LDAP bind as password-based > authentication and use SSH keys for passwordless (because apparently > protocols other than SSH and HTTPS don't exist anymore). The MIT Kerberos= 5 > suite is still actively maintained and receives new features, such as > S-PAKE), whereas Heimdal appears to be on life support. > FreeBSD has Heimdal. We switched over a long time ago when MIT Kerberos 5 at MIT looked like it was going to die. Now the roles have somewhat reversed. Warner --00000000000060986d0579df6a65 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Sun= , Nov 4, 2018 at 4:44 PM Mantas Mikul=C4=97nas <grawity@gmail.com> wrote:
Ker= beros exists too, but somewhat less common =E2=80=93 FreeIPA includes it by= default, but many people just piggyback on LDAP bind as password-based aut= hentication and use SSH keys for passwordless (because apparently protocols= other than SSH and HTTPS don't exist anymore). The MIT Kerberos 5 suit= e is still actively maintained and receives new features, such as S-PAKE), = whereas Heimdal appears to be on life support.
=C2=A0
FreeBSD has Heimdal. We switched over a long time a= go when MIT Kerberos 5 at MIT looked like it was going to die. Now the role= s have somewhat reversed.

Warner
--00000000000060986d0579df6a65--