>>>>> "pelln" == pelln <[EMAIL PROTECTED]> writes:
pelln> In comp.security.unix S.T. Wong <[EMAIL PROTECTED]>
pelln> wrote:
>> Hi, there,
>> Is it possible to retain the same password for users when
>> migrating from NIS-like systems to Kerberos ? Seems there's no
>> way to avoid changing users' passwords in such exercise.
pelln> It should not be possible, in NIS the password is not known
pelln> by you, only a hash is know where you are not supposed to
pelln> reverse engeneer.
Well, really the Kerberos server doesn't strictly need plaintext. You
could set up a enctype that used crypt as a string2key function. That
enctype would be very weak especially considering that the keys
(password hashes) tend to be fairly well known, but you could *do* it.
You shouldn't though.
