Displaying 3 results from an estimated 3 matches for "gssklog".
Did you mean:
geeklog
2003 Sep 24
1
[ GSSAPI ] Environment settings
Hi there,
well, I just upgraded to OpenSSH 3.7.1p2 and noticed the GSSAPI-Changes.
Well it worked like a charm. No PAM, no problems while authenticating to
Kerberos 5. But now there is a small problem. We need an pam module
called pam_gssklog.so to authenticate. This modules obtains a token from
the kerberos ticket.
The single executable (which is execle'd out of the pam module) works if
an environment variable called KRB5CCNAME is set.
So I integrated the PAM into my ssh-config again, with the Kerberos and
GSSAPI stuff in sshd...
2004 Jan 26
6
OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos
Rather then implementing kafs in MIT Kerberos, I would like to
suggest an alternative which has advantages to all parties.
The OpenSSH sshd needs to do two things:
(1) sets a PAG in the kernel,
(2) obtains an AFS token storing it in the kernel.
It can use the Kerberos credentials either obtained via GSSAPI
delegation, PAM or other kerberos login code in the sshd.
The above two
2008 May 27
6
Openssh + AFS
The native authentication methods of openssh are
(not counting insecure RhostsRSAAuthentication)
1) public key
2) password
For users with home dirs in AFS space, method 1) does not work.
Except with (non foolproof) fiddling on the access controls within
the home directory. This might lead to security issues when done
by inexperienced users.
Without some work, only 2) remains. Being forced to send