Kerberos enabled SSH library

petesea@bigfoot.com petesea at bigfoot.com
Fri May 18 17:39:53 EDT 2007


On Fri, 18 May 2007, Douglas E. Engert wrote:

> You could look at PuTTY which is uses mostly on Windows, and is used by 
> a number of other package in the way you want. GSSAPI mods are 
> available:
>
>   http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/kerberos-gssapi.html
>
> Look at the "Another patch here adds support for GSSAPI..." which only 
> does gssapi-with-mic.
>
> Unfortunately, the PuTTY developers have not been convinced to add 
> GSSAPI support to the base package.

I've considered using PuTTY, but from the standpoint of an "SSH library" 
it doesn't seem like it would be any easier to use then OpenSSH.  In other 
words, neither OpenSSH nor PuTTY are designed to be used as an SSH 
library.  Which basically means I'd end up stripping out all kinds of code 
I don't need.  And since the patched version of PuTTY you reference 
doesn't include support for gssapi-keyex, that gives OpenSSH the 
upper-hand... at least between those two options.

I was really hoping for a library... something like libssh2 
(http://www.libssh2.org)... except it doesn't support GSSAPI auth.

On Fri, 18 May 2007, Vladimir Terziev wrote:

>
> 	Try also this:
>
> 	http://www.sweb.cz/v_t_m/#putty
>
> 		Vladimir

This is the link referenced above on the PuTTY website.  Unfortunately it 
doesn't include support for GSSAPI Key Exchange.



More information about the Kerberos mailing list