Red Hat Bugzilla – Bug 1464831
About the procedure to use gssftp service
Last modified: 2017-11-20 08:02:06 EST
Section Number and Name:
11.3. CONFIGURING A KERBEROS CLIENT
Describe the issue:
In the section 11.3, the doc says [To use other Kerberos-aware network services, install the krb5-server package and start the services. The Kerberos-aware services are listed in Table 11.3, “Common Kerberos-aware Services”.]
But customer complaints that krb5-server package doesn't provide the related service file(like gssftp) in "table 11.3".
Suggestions for improvement:
Actually in RHEL7, gssftp is provided by krb5-appl-servers package in epel channel.
It would be better to mention that in the documentation.
This problem is the same in RHEL6.
Oh boy. We really shouldn't be recommending any of the things provided by krb5-appl, not only because they're from EPEL and we shouldn't recommend those, but also because most of them have a very outdated view of security. Users should use tools like ssh, etc. instead.
I removed krb5-appl in Fedora 27 ( https://bugzilla.redhat.com/show_bug.cgi?id=1474829 ), and we very intentionally don't ship these in rhel7 already.