Re: Services supporting Kerberos and/or TLS client certificate authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Mon, Mar 23, 2015 at 10:34:49AM +0100, Andrew Holway wrote:
>
> Hello,
> 
> We're starting to use FreeIPA in house (which is awesome btw) which means
> that Kerberos and TLS client certificate authentication is suddenly quite
> easy. Im looking for a list of common Linux services with data on how one
> can Authenticate/Authorise for these services.

Do you want to use Kerberos to authenticate user/passwords?  Or are
you looking to use the user's existing kerberos ticket to authenticate
services? 

> * httpd support TLS client certificate authentication and Kerberos

You can use mod_auth_kerb for httpd with any client that supports the
Negotiate authentication method.  There's also tools to let it use
SASL to perform plain text password authentication, but I'm not
familiar with it.

> * dovecot supports Kerberos and ...

Dovecot supports GSSAPI authentication as well as using SASL.
Sendmail and Postfix too.

Sorry, not sure about rabbitmq.
-- 
Jonathan Billings <billings@xxxxxxxxxx>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux