> place to deal with passwords, rather than all 10 user machines. Even > better would be to use kerberos to verify passwords through the current > Project Vincent. Is this doable?
There should be debian versions of both Kerberos 4 and Kerberos 5 available on the non-US site within the next week or so. Some configuration (notably to XDM) to use Kerberos for local logins will still be necessary, but the Kerberos packages should get you most of the way there. Note however that using Kerberos for local login security can be problematic if you are not careful --- in particular, unless you have a local service key installed on each machine, you leave yourself vulnerable to spoofing the workstation by sending fake Kerberos reply packets. (The resulting tickets aren't useful for network authentication, but they're enough to trick the workstation into letting the intruder log in). Of course, if you're using the "public workstation" model used by Athena, this may not matter to you.
