Re: Two ftp clients? Why?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Wed, Aug 03, 2011 at 07:57:33AM -0400, Robert Heller wrote:
> Is there a Kerberized ssh? Or a Kerberized ssh-agent?

Kerberos ssh; yes, using gssapi

% ldd /usr/sbin/sshd | grep krb
        libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x0026a000)
        libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x002bc000)
        libkrb5support.so.0 => /usr/lib/libkrb5support.so.0 (0x00fa2000)

You can turn it on using options in sshd_config.  I did some
testing recently:
  http://sweh.spuddy.org/Essays/Kerberos/begining_kerberos.html

Kerberized ssh-agent doesn't make sense 'cos you're not using public
keys, and the kerberos layer, itself, can request tickets to be
forwarded (see my link above); no agent support needed.

-- 

rgds
Stephen
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux