search for: gssklog

Displaying 3 results from an estimated 3 matches for "gssklog".

Did you mean: geeklog
2003 Sep 24
1
[ GSSAPI ] Environment settings
Hi there, well, I just upgraded to OpenSSH 3.7.1p2 and noticed the GSSAPI-Changes. Well it worked like a charm. No PAM, no problems while authenticating to Kerberos 5. But now there is a small problem. We need an pam module called pam_gssklog.so to authenticate. This modules obtains a token from the kerberos ticket. The single executable (which is execle'd out of the pam module) works if an environment variable called KRB5CCNAME is set. So I integrated the PAM into my ssh-config again, with the Kerberos and GSSAPI stuff in sshd...
2004 Jan 26
6
OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos
Rather then implementing kafs in MIT Kerberos, I would like to suggest an alternative which has advantages to all parties. The OpenSSH sshd needs to do two things: (1) sets a PAG in the kernel, (2) obtains an AFS token storing it in the kernel. It can use the Kerberos credentials either obtained via GSSAPI delegation, PAM or other kerberos login code in the sshd. The above two
2008 May 27
6
Openssh + AFS
The native authentication methods of openssh are (not counting insecure RhostsRSAAuthentication) 1) public key 2) password For users with home dirs in AFS space, method 1) does not work. Except with (non foolproof) fiddling on the access controls within the home directory. This might lead to security issues when done by inexperienced users. Without some work, only 2) remains. Being forced to send