[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal and r* client programs

To: "Douglas E. Engert" <deengert@anl.gov>
Subject: Re: Heimdal and r* client programs
From: Tillman Hodgson <tillman@seekingfire.com>
Date: Thu, 15 Aug 2002 11:30:24 -0600
Cc: heimdal-discuss@sics.se
In-Reply-To: <3D5A7831.46C9A252@anl.gov>; from deengert@anl.gov on Wed, Aug 14, 2002 at 10:33:05AM -0500
References: <20020813103903.A7957@seekingfire.com> <xofptwmekh6.fsf@blubb.pdc.kth.se> <20020813132300.A8064@seekingfire.com> <20020813134958.A8135@seekingfire.com> <20020813190036.C42791@got.wedgie.org> <20020814001038.L10073@seekingfire.com> <3D5A7831.46C9A252@anl.gov>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.2.5.1i

On Wed, Aug 14, 2002 at 10:33:05AM -0500, Douglas E. Engert wrote:
> Tillman Hodgson wrote:
> > Does the TGT-upon-login work with version 1 of the ssh protocol? I've
> > been playing with the GSSAPI version 2 stuff, and I'd like to compare it
> > to the version 1 stuff.
> 
> If you are interested in the the GSSAPI for version 1, I do have mods to Simon's
> mods. The SecureCRT product has a GSSAPI capability with  version 1, which we have been
> using for years. We intend to drop these when the GSSAPI for version 2 is implemented. 
> 
> If you are interested, drop me a note, and what version of OpenSSH you have.

I'm more interested in the built-in supports for kerberos v5 in the ssh
version 1 protocol. I'm trying to move away from hand-rolled ssh
packages to ease maintainence issues :-)

If I could have an ssh login to a perimeter server also request and
store the TGT, then I can log in once to the network from the outside
(in a secure fashion via ssh) and have single sign-on from there on.
Eliminating the need for users to do a k5init would be great. Is that
possible with a generic openssh 3.4p1, perhaps using the version 1
protocol?

Thanks muchly,

- Tillman

-- 
"Everything you are against weakens you. Everything you are for
empowers you."
	- Wayne Dyer (American Psychotherapist & Author)

Follow-Ups:
- Re: Heimdal and r* client programs
  - From: "Douglas E. Engert" <deengert@anl.gov>

References:
- Heimdal and r* client programs
  - From: Tillman Hodgson <tillman@seekingfire.com>
- Re: Heimdal and r* client programs
  - From: joda@pdc.kth.se (Johan Danielsson)
- Re: Heimdal and r* client programs
  - From: Tillman Hodgson <tillman@seekingfire.com>
- Re: Heimdal and r* client programs
  - From: Tillman Hodgson <tillman@seekingfire.com>
- Re: Heimdal and r* client programs
  - From: Jason Garman <jgarman@wedgie.org>
- Re: Heimdal and r* client programs
  - From: Tillman Hodgson <tillman@seekingfire.com>
- Re: Heimdal and r* client programs
  - From: "Douglas E. Engert" <deengert@anl.gov>

Prev by Date: Re: Kerberos authentication in HTTP
Next by Date: Re: Heimdal and r* client programs
Prev by thread: Re: Heimdal and r* client programs
Next by thread: Re: Heimdal and r* client programs
Index(es):
- Date
- Thread