[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The state of the heimdal project



On ons, 2006-10-04 at 10:36 -0500, Douglas E. Engert wrote:
> 
> Michael B Allen wrote:
> > Actually I have wondered from time to time why people don't use Heimdal
> > MORE. 
> 
> Well for Ubuntu at least we are starting to look it it much
> closer. This is mainly because Heimdal's implementation of
> PKINIT is way ahead of the MIT version. We have the PKINIT
> working against Windows AD using PIV smart cards via OpenSC.
> 
> We had the Heimdal PKINIT working on RedHat in the spring,
> including smartcards for login via PAM. This week I am looking
> at the debian/ubuntu libpam-heimdal-1.2.0 and what it takes to
> add in the calls to PKINIT.

It is probably better to start with libpam-heimdal/libpam-krb5 (they
actually using the same source) 2.3 from Debian Unstable or from the
source directly: http://www.eyrie.org/~eagle/software/pam-krb5/ 

Russ has done a wonderful work updating the pam module.

/torkel