sopwith@xxxxxxxxxx (Elliot Lee) writes: > kshd/klogind are fully encrypted if set up correctly. They're also a > lot faster than ssh. Setting up krb5 correctly without virtualization technology (e.g. vserver) or much money for extra hardware and powersupply is nearly impossible... Else, you will have only trouble with hostname vs. DNS name conflicts and/or multi-homed hosts. The shipped KRB5 implementation misses features like replication or support for renaming of principals; and the rest of the system misses krb5 support completely (cups, w3m, svn), nobody cares about it (e.g. no SPNEGO support in firefox because missing buildrequires) or its implementation is not well-thought (e.g. login for local accounts fails when network is down). ssh is much easier to use and provides neat features like encryption of X11 connections. Enrico
