Slashdot Mirror


Kerberos Support In OpenSSH

Dan writes "Marshall Vale writes on behalf of the MIT Kerberos team and several other parties interested in the availability of Kerberos authentication for the SSH protocol. Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Marshall says that Kerberos support within OpenSSH may be incomplete and needs more work. In particular, implementing draft-ietf-secsh-gsskeyex in addition to any other Kerberos mechanisms will better serve the needs of Kerberos community. Secondly, he says that they would like to reduce user confusion associated with all of the different options for Kerberos and SSH. He suggests adoption of the GSSAPI key exchange mechanism in the IETF draft (which uses Kerberos to authenticate both parties to each other), in order to avoid man-in-the-middle attacks."

4 of 122 comments (clear)

  1. News from GNAA... by Anonymous Coward · · Score: -1, Flamebait

    GAY NIGGERS ASSOCIATION OF AMERICA (GNAA) will hold its monthly meeting on July 4th, 2003.

    Please visit #gnaa on efnet for more details

  2. Time for Linux to catch up? by Anonymous Coward · · Score: -1, Flamebait

    Windows has had Kerberos and IPSec forever. When will the penguin catch up?

    1. Re:Time for Linux to catch up? by Anonymous Coward · · Score: -1, Flamebait

      dear fucktard,

      if you want it in linux, code it yourself, loser

      linux is not a freeloader's operating system -- everyone has to pull their own wait

      p.s. please do not copyright yr software, instead give all rights to the free software foundation

      thx bye,
      rms

  3. boring! by Anonymous Coward · · Score: -1, Flamebait
    slashdot has really started sucking lately. I mean even more than normal. You can't tell me that these stories are the cream of the crop of the submission queue!


    Then again, if it looks like the crap in the comments, it is possible.