Kerberos Client Version C.1.3.5.05 Release Notes
Kerberos Client C.1.3.5.05 Release Notes
What Is New in This Version
Chapter 110
Example 1-3 If /etc/krb5/.k5login.user1 exists as a symbolic link to the .k5login
file in the user’s home directory
If user1 attempts to login, the krb5_kuserok() API processes
/etc/krb5/.k5login.user1 only if it is owned by root, and if the
.k5login file in the user’s home directory is owned by root or the
user. Only superusers must have permissions to write to this file.
NOTE Secure Internet Services (SIS) such as ftp, rlogin, and telnet do
not currently support this feature on HP-UX 11i v1.
Features Supported From Kerberos Client Version 1.0
Kerberos Client version C.1.3.5.05 also supports the following features
from Kerberos Client version 1.0:
• SASL/GSS-API bind to Netscape Directory Server used to fail when
SSL was enabled
• Support for powerful cryptographic algorithms
This version of Kerberos Client software supports 3DES, AES, and
RC4
• Support for IPv6
IPv6 support is enabled on this version of Kerberos Client software
• Support for TCP
Kerberos Client libraries can now use TCP to connect to the Key
Distribution Center (KDC). Libraries can use TCP to communicate
with Microsoft KDCs (domain controllers) if they issue tickets with
excess PAC data.
• Security fixes up to version 1.3.5 made by MIT in the open source
version of Kerberos Client
For detailed product information, installing and configuring instructions,
troubleshooting and sample configuration files, see Configuration Guide
for Kerberos Client Products on HP-UX (T1417-90006).