Ping a Specific Port

Question

Michael Lowman

Asked: 2011-01-09 20:13:01 +0800 CST2011-01-09 20:13:01 +0800 CST 2011-01-09 20:13:01 +0800 CST

Which kerberos flavor?

772

So I'm setting up a small network with all the standard stuff (files, email, etc.) and I've decided to go with a Kerberos+LDAP solution. Any ideas or recommendations on Heimdal vs. MIT?

I've used MIT before, and tangentially Heimdal, but I don't really know of any real reason for using one over the other. I just know that I'd prefer not to realize I'd rather be running MIT after getting the whole Heimdal up and running with a full user database.

If any other info'd be useful, I'm happy to provide.

5 Answers

Voted

ptman · Answer 1 · 2011-01-09T22:44:31+08:00

ptman

2011-01-09T22:44:31+08:002011-01-09T22:44:31+08:00

MIT Kerberos is well supported. It is the reference implementation and default on RedHat and I believe Debian as well. OTOH, Heimdal had slightly nicer administration tools IIRC, but I've gone with MIT.

4

larsks · Answer 2 · 2011-01-09T20:20:37+08:00

larsks

2011-01-09T20:20:37+08:002011-01-09T20:20:37+08:00

I would tend to answer, "whichever one is provided by your distribution", unless there are particular features you need that are only available in one or the other. For example, Heimdal lets you use an LDAP directory as your keystore, which may be attractive in a larger organization (since you can store Kerberos credentials and other user information in the same place).

3

plluksie · Answer 3 · 2011-01-10T06:02:50+08:00

According to http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kerberos5.html

Kerberos is both the name of a network authentication protocol and an adjective to describe programs that implement the program (Kerberos telnet, for example). The current version of the protocol is version 5, described in RFC 1510.

Several free implementations of this protocol are available, covering a wide range of operating systems. The Massachusetts Institute of Technology (MIT), where Kerberos was originally developed, continues to develop their Kerberos package. It is commonly used in the US as a cryptography product, as such it has historically been affected by US export regulations. The MIT Kerberos is available as a port (security/krb5). Heimdal Kerberos is another version 5 implementation, and was explicitly developed outside of the US to avoid export regulations (and is thus often included in non-commercial UNIX® variants). The Heimdal Kerberos distribution is available as a port (security/heimdal), and a minimal installation of it is included in the base FreeBSD install.

In order to reach the widest audience, these instructions assume the use of the Heimdal distribution included in FreeBSD.

So it is also a law matter...

Hubert Kario · Answer 4 · 2011-01-10T06:52:32+08:00

Best Answer

Hubert Kario

2011-01-10T06:52:32+08:002011-01-10T06:52:32+08:00

Heimdal is/will be integrated with Samba 4 in its Active Directory implementation.

2

Utkonos · Answer 5 · 2012-04-30T16:40:16+08:00

Utkonos

2012-04-30T16:40:16+08:002012-04-30T16:40:16+08:00

Heimdal is the implementation of Kerberos5 that FreeBSD uses. It and the MIT implementation are also available in the ports collection.

0

Which kerberos flavor?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?