Kerberos enabled SSH library
Douglas E. Engert
deengert at anl.gov
Fri May 18 10:02:29 EDT 2007
petesea at bigfoot.com wrote:
> Is there a Kerberos-enabled SSH library out there?
>
> I'm investigating the development of a custom SSH client that will only be
> for internal company use. The goal will be a single binary our users can
> easily download that will then be used to run specific commands to
> specific servers.
>
> I would PREFER it supports gssapi-keyex, but would probably settle for
> gssapi-with-mic.
>
You could look at PuTTY which is uses mostly on Windows, and is
used by a number of other package in the way you want. GSSAPI mods
are available:
http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/kerberos-gssapi.html
Look at the "Another patch here adds support for GSSAPI..." which only does
gssapi-with-mic.
Unfortunately, the PuTTY developers have not been convinced to add GSSAPI
support to the base package.
> I'm starting with Linux, but will eventually need to support Mac, Solaris,
> HP-UX and Windows clients.
>
The PuTTY says it will run on Unix.
> It seems like libssh2 might be a good choice, but it doesn't include
> gssapi auth (as far as I know). Any chance someone might be adding
> gssapi-with-mic/gssapi-keyex support to libssh2?
>
> I guess I could try to use OpenSSH, but it's not exactly intended as a
> "library"?
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list