Kerberos enabled SSH library

Douglas E. Engert deengert at
Fri May 18 10:02:29 EDT 2007

petesea at wrote:
> Is there a Kerberos-enabled SSH library out there?
> I'm investigating the development of a custom SSH client that will only be 
> for internal company use.  The goal will be a single binary our users can 
> easily download that will then be used to run specific commands to 
> specific servers.
> I would PREFER it supports gssapi-keyex, but would probably settle for 
> gssapi-with-mic.

You could look at PuTTY which is uses mostly on Windows, and is
used by a number of other package in the way you want. GSSAPI mods
are available:

Look at the "Another patch here adds support for GSSAPI..." which only does

Unfortunately, the PuTTY developers have not been convinced to add GSSAPI
support to the base package.

> I'm starting with Linux, but will eventually need to support Mac, Solaris, 
> HP-UX and Windows clients.

The PuTTY says it will run on Unix.

> It seems like libssh2 might be a good choice, but it doesn't include 
> gssapi auth (as far as I know).  Any chance someone might be adding 
> gssapi-with-mic/gssapi-keyex support to libssh2?
> I guess I could try to use OpenSSH, but it's not exactly intended as a 
> "library"?
> ________________________________________________
> Kerberos mailing list           Kerberos at


  Douglas E. Engert  <DEEngert at>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

More information about the Kerberos mailing list