Openssh, kerberos and Solaris 10

Nicolas Williams Nicolas.Williams at
Wed Aug 9 16:18:28 EDT 2006

On Wed, Aug 09, 2006 at 02:55:05PM -0500, Douglas E. Engert wrote:
> Nicolas Williams wrote:
> >gss_store_cred() is a KITTEN WG work item.
> >
> >__gss_userok() is not; should it be? 
> I would say yes. Every service needs to do this, and use the GSS creds
> to test if it can use the local resource. So it in that regards it is
> generic.

Hmmm.  We're working to push authorization of GSS-API principals and
handling of delegated credentials to PAM.  So, we're working to make
public gss_userok() and gss_store_cred() interfaces unnecessary...

More information about the Kerberos mailing list