SUN-DES-1 and Kerberos

SUN-DES-1 uses the secure RPC facilities of SunOS to authenticate clients to the server. A public key database is maintained on a master machine on the network. The database contains each user's public key and the user's secret key, which is stored encrypted with the user's login password. Using this system, the X server can securely discover the actual user name of the requesting process. The exchange involves encrypting data with the X server's public key, so the identity of the user who started the X server is needed; this identity is stored in the .Xauthority file.
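The following added example (not part of the original text) parses raw .Xauthority bytes and shows that a SUN-DES-1 entry carries the server owner's identity rather than a shared secret. It assumes the record layout read by libXau (a 2-byte big-endian family followed by four length-prefixed fields) and the Secure RPC netname form `unix.UID@domain`; the function names and the sample records are constructed for illustration.

```python
import struct

def _counted(buf, off):
    """Read a 2-byte big-endian length, then that many bytes."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">H", buf, off)
    if off + 2 + n > len(buf):
        raise ValueError("truncated field body")
    return buf[off + 2:off + 2 + n], off + 2 + n

def parse_xauthority(buf):
    """Parse raw .Xauthority bytes into one dict per record."""
    entries, off = [], 0
    while off < len(buf):
        if off + 2 > len(buf):
            raise ValueError("truncated family field")
        (family,) = struct.unpack_from(">H", buf, off)
        off += 2
        fields = []
        for _ in range(4):  # address, display number, protocol name, data
            value, off = _counted(buf, off)
            fields.append(value)
        addr, number, name, data = fields
        entries.append({"family": family, "address": addr.decode("latin-1"),
                        "display": number.decode("latin-1"),
                        "protocol": name.decode("latin-1"), "data": data})
    return entries

def describe(entry):
    """SUN-DES-1 data is an identity (netname); other data is treated as secret."""
    if entry["protocol"] == "SUN-DES-1":
        return ("netname", entry["data"].decode("ascii", "replace"))
    return ("opaque", "<%d bytes withheld>" % len(entry["data"]))

def _record(family, *fields):
    """Build one record; used only to construct the sample below."""
    return struct.pack(">H", family) + b"".join(
        struct.pack(">H", len(f)) + f for f in fields)

# Constructed sample: one SUN-DES-1 entry and one cookie entry (all-zero cookie).
SAMPLE = (_record(256, b"hostA", b"0", b"SUN-DES-1", b"unix.1001@example.org") +
          _record(256, b"hostA", b"1", b"MIT-MAGIC-COOKIE-1", bytes(16)))

if __name__ == "__main__":
    for e in parse_xauthority(SAMPLE):
        print(e["address"], e["display"], e["protocol"], *describe(e))
```
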

Kerberos is an authentication protocol developed to support MIT's Athena project. It uses an authentication server which exchanges authentication tokens between two potential clients.

Both protocols are discussed in more detail in Chapter 9.

