Received: from SOUTH-STATION-ANNEX.MIT.EDU by po7.MIT.EDU (5.61/4.7) id AA02489; Wed, 27 Dec 95 09:20:56 EST
Received: by MIT.EDU 
	id AA20105; Wed, 27 Dec 95 09:15:07 EST
Date: Wed, 27 Dec 95 09:15:07 EST
From: MAILER-DAEMON@MIT.EDU (Mail Delivery Subsystem)
Subject: Returned mail: Cannot send message for 3 days
Message-Id: <9512271415.AA20105@MIT.EDU>
To: <owner-kerberos@MIT.EDU>
To: proven@PO7.LOCAL
To: tytso@PO9.LOCAL
To: basch@lehman.com
To: jis@E40-PO.LOCAL
To: tlyu@PO9.LOCAL

   ----- Transcript of session follows -----
451 hangman@pyro.rh.imsa.edu... Cannot send message for 3 days
hangman@pyro.rh.imsa.edu... Cannot send message for 3 days

   ----- Unsent message follows -----
Received: from pad-thai.cam.ov.com by MIT.EDU with SMTP
	id AA14610; Sun, 24 Dec 95 08:22:30 EST
Received:  by pad-thai.cam.ov.com (8.6.12/)
	id <IAA16798@pad-thai.cam.ov.com>; Sun, 24 Dec 1995 08:25:31 -0500
Received: from GATEWAY by pad-thai.cam.ov.com with netnews
	for kerberos-wrapper@cam.ov.com (kerberos@mit.edu)
To: kerberos@MIT.EDU
Date: 24 Dec 1995 04:30:07 -0500
From: tls@rek.tjls.com (Thor Lancelot Simon)
Message-Id: <4bj6iv$2d3@fearsome.tjls.com>
Organization: Never!
Sender: usenet@cam.ov.com
References: <Pine.LNX.3.91.951223204028.3021A-100000@excelsior>, <199512240320.WAA13253@toxicwaste.media.mit.edu>
Subject: Re: Thinking of moving to kerberos, lots of questions

In article <199512240320.WAA13253@toxicwaste.media.mit.edu>,
Derek Atkins <warlord@MIT.EDU> wrote:
>> drat. I was afraid of that. Any sources out there that I can use?
>
>When I was a summer intern at Bellcore a few years ago I wrote one.
>But I don't have the source anymore.  Basically, what you do is take a
>login that understands both kerberos and YP, hack it up a little to do
>the appropriate checks, and then add some of the kadmin "ank" code to
>add a new key to the database.
>
>Alternatively, you can provide a user-space program that does the same
>thing -- ask a user for a password, compare it to the passwd entry in
>YP, and then add the password to kerberos.  This, too, would be fairly
>simple to write but I don't have code for you...
>
>Perhaps someone else has code to share?

Berkeley's "register" client and server did this.  Unfortunately they aren't
really compatible with kadmin; you'd have to run a separate kadmind and
registerd, and modify your kdb_init to create the keys register wants to use.

But if you want to look at the source, it's in the domestic 4.4Lite
distribution.
-- 
Thor Lancelot Simon                                             tls@rek.tjls.com

   Where is the day that melted into one rich noise?          --Thomas Wolfe