I like Kerberos 5 and it's ability to use tickets so I don't have to type
passwords whenever I login/su/need to authenticate myself. So it *really*
annoys me that there is a pam_krb5 module that allows you to authenticate
against a Kerberos 5 principal but it won't accept any tickets that I try
to pass to it. I've done a bit of research on the matter and am told that
it is a limitation of the PAM API. So be it.

I suppose I can install kerberos' version of telnet/ftp/rsh/rlogin/etc,
but again, I'm lazy (I *am* a system administrator). I was thinking that
it would be nice to have Kerberos 5 authentication available in OpenSSH
since that comes with the distribution and is even enabled by default.

So, being lazy, I decided to trawl the net seeing if I could find anyone
that has already done the work. Bingo!
http://www.sxw.org.uk/computing/patches/openssh.html The author claims
that it works with both KTH and MIT Kerberos 5 implementations (I've tried
it on MIT and it works like a charm). I was wondering if there was any
interest in integrating this, or if it is considered too large a patch. If
there is interest, I would be willing to do the legwork to try and
integrate it (although there is probably lots of cases to deal with).

-gordon


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Reply via email to