On Fri, Nov 03, 2006 at 12:35:55AM +0000, Paul Civati wrote: > 2000 and XP will support authentication using X.509 (ie. SSL > like) certificates, only XP will support PSK (pre-shared-key). >
i won't necessarily defeat windows, but 2000 and xp do support kerberos 5, x.509 _and_ pre-shared key authentication by default. > > This is from my recent research of trying to get this working > with Debian, but I gave up because the server versions of s/w > I was using didn't support NAT-T, AFAICS. I've not tried it > with OpenBSD, yet. > openbsd's NAT-T works fine and is enabled by default. reyk
