windows kerberos update?
Greg Hudson
ghudson at mit.edu
Wed Jan 16 12:01:19 EST 2019
On 1/16/19 11:23 AM, Charles Hedrick wrote:
> We’re starting to use Windows Kerberos, with a 3rd party login screen that calls Kerberos. Some of our staff use FreeOTP 2FA. As far as I can tell, the most recent KfW doesn’t support 2FA or the https: proxy.
KfW 4.1 is based on krb5 1.13, which includes the OTP client code, so I
think that's only half correct.
> Are there plans for a new release that would do so?
I was planning to do a Windows release based on the 1.17 branch (for
SPAKE support, if nothing else), but I don't have a specific time-table.
HTTPS proxy support is not currently part of the Windows build, because
of the OpenSSL dependency. I can make an attempt to bring that in when
I make time to do work on the Windows port. (Bringing in an OpenSSL
dependency would also make it possible to enable PKINIT support, though
that might also require some work on the PKINIT code.)
It is now possible to build the Windows installer from source using the
community (no-cost) version of the MS compiler. See src/windows/README
in the source tree for details.
More information about the Kerberos
mailing list