[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Heimdal telnet PAM, Kerberos SSH for Windows
I installed the heimdal telnetd in several machines, it works perfectly in
all tested platforms. The only thing is that I would like to control the
login of certain users to certain machines, i.e. to have the user authorized
after being authenticated. I wasn't able to use PAM with the Heimdal telnetd
daemon, it appears to be totally indiferent to changes in the pam
configuration. The same applies to Heimdal ftpd.
One good option would be to install openssh in all the machines, since it
can be made to use GSSAPI and PAM for authorization *but* there aren't any
Windows SSH clients with Kerberos support that are free software. It's very
important to have the Windows clients use Kerberos tickets (I'm using
ktelnet/kftp clients in Windows and they work perfectly) and the lack of a
ssh client with Kerberos is a show-stoper.
So, to sum it up:
o Does Heimdal telnetd/ftpd use PAM in any way for authorization?
o Does anyone know a SSH client for Windows that is free software?
The whole setup involves inter-realm trust relations between the Windows
domain and the Kerberos one so it's important to actually use tickets (and
not just use the KDC as an interactive way to check for the password).