[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Heimdal telnet PAM, Kerberos SSH for Windows

To: heimdal-discuss@sics.se
Subject: Heimdal telnet PAM, Kerberos SSH for Windows
From: fsmunoz@gesal.org
Date: Fri, 21 Mar 2003 18:54:35 +0000
Sender: owner-heimdal-discuss@sics.se

Hello, 


I installed the heimdal telnetd in several machines, it works perfectly in 
all tested platforms. The only thing is that I would like to control the 
login of certain users to certain machines, i.e. to have the user authorized 
after being authenticated. I wasn't able to use PAM with the Heimdal telnetd 
daemon, it appears to be totally indiferent to changes in the pam 
configuration. The same applies to Heimdal ftpd. 

One good option would be to install openssh in all the machines, since it 
can be made to use GSSAPI and PAM for authorization *but* there aren't any 
Windows SSH clients with Kerberos support that are free software. It's very 
important to have the Windows clients use Kerberos tickets (I'm using 
ktelnet/kftp clients in Windows and they work perfectly) and the lack of a 
ssh client with Kerberos is a show-stoper. 

So, to sum it up: 


o Does Heimdal telnetd/ftpd use PAM in any way for authorization? 

o Does anyone know a SSH client for Windows that is free software? 

The whole setup involves inter-realm trust relations between the Windows 
domain and the Kerberos one so it's important to actually use tickets (and 
not just use the KDC as an interactive way to check for the password). 


Best Regards, 

fsmunoz

Follow-Ups:
- Re: Heimdal telnet PAM, Kerberos SSH for Windows
  - From: Brian May <bam@snoopy.apana.org.au>

Prev by Date: Re: kinit and old credentials
Next by Date: Re: kinit and old credentials
Prev by thread: RE: krb5_init_get_creds_password crash in 0.5.1
Next by thread: Re: Heimdal telnet PAM, Kerberos SSH for Windows
Index(es):
- Date
- Thread