[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference irocz::terminal_servers

Title:	Terminal Servers
Notice:	See Note 2 for Directory of important notes. Please use keywords.
Moderator:	LAVC::CAHILLON

Created:	Tue May 14 1991
Last Modified:	Fri Jun 06 1997
Last Successful Update:	Fri Jun 06 1997
Number of topics:	3547
Total number of notes:	12300

3440.0. "KERBEROS." by IB004::MARTOS (looking for something) Thu Feb 13 1997 08:02

hi,

	I've been reading something about KERBEROS, since a customer has the
following question. It's possible the remote console ask for authentication?.
I think the customer want login and password when He connect to the remote 
console. The others port ask login and password.

	The configuration is:

	*) Decserver Network Access (1.5).
	*) Decserver 700.
	*) Sun Solaris with Kerberos Server (5. BETA 7)


Regards.
PaKo.-

T.R Title User Personal
Name Date Lines

3440.1 Make a business case for this feature? IROCZ::D_NELSON Dave Nelson LKG1-3/A11 226-5358 Thu Feb 13 1997 13:09 26

T.R	Title	User	Personal Name	Date	Lines
3440.1	Make a business case for this feature?	IROCZ::D_NELSON	Dave Nelson LKG1-3/A11 226-5358	`Thu Feb 13 1997 13:09`	26
	RE: .0 > It's possible the remote console ask for authentication?. The short answer is "no". We have not (yet) configured the remote console port for user authentication. One issue is that if problems exist in the configuration of authentication server(s) on the DECserver, you may need to get in via the remote console (back door) to fix the problem. If the remote console were also secured by Kerberos (or RADIUS or SecurID) authentication, and you needed to fix the Kereberos (or RADIUS or SecurID) setup on the DECserver (for any of a number of reasons), you could potentially be "locked out" and have to factory reset the DECserver to gain access. With the addition of a local "on the DECserver" authentication database in DNAS V2.0, this becomes less of a problem (as long as you always configure a local username and password to use). We would consider adding a remote console authentication feature in a future release, if the business warranted it. Regards, Dave

RE: .0

> It's possible the remote console ask for authentication?.

The short answer is "no".  

We have not (yet) configured the remote console port for user authentication.
One issue is that if problems exist in the configuration of authentication 
server(s) on the DECserver, you may need to get in via the remote console 
(back door) to fix the problem.  If the remote console were also secured by 
Kerberos (or RADIUS or SecurID) authentication, and you needed to fix the 
Kereberos (or RADIUS or SecurID) setup on the DECserver (for any of a number
of reasons), you could potentially be "locked out" and have to factory reset
the DECserver to gain access.

With the addition of a local "on the DECserver" authentication database
in DNAS V2.0, this becomes less of a problem (as long as you always configure
a local username and password to use).

We would consider adding a remote console authentication feature in a future
release, if the business warranted it. 

Regards,

Dave