Kerberos enabled SSH library
Douglas E. Engert
deengert at anl.gov
Fri May 18 18:04:57 EDT 2007
petesea at bigfoot.com wrote:
> On Fri, 18 May 2007, Douglas E. Engert wrote:
>> You could look at PuTTY which is uses mostly on Windows, and is used
>> by a number of other package in the way you want. GSSAPI mods are
>> Look at the "Another patch here adds support for GSSAPI..." which only
>> does gssapi-with-mic.
>> Unfortunately, the PuTTY developers have not been convinced to add
>> GSSAPI support to the base package.
> I've considered using PuTTY, but from the standpoint of an "SSH library"
> it doesn't seem like it would be any easier to use then OpenSSH. In
> other words, neither OpenSSH nor PuTTY are designed to be used as an SSH
> library. Which basically means I'd end up stripping out all kinds of
> code I don't need. And since the patched version of PuTTY you reference
> doesn't include support for gssapi-keyex, that gives OpenSSH the
> upper-hand... at least between those two options.
> I was really hoping for a library... something like libssh2
> (http://www.libssh2.org)... except it doesn't support GSSAPI auth.
Have you asked them? One of the developers has the same name as
a person active in the IETF Kerberos working group.
> On Fri, 18 May 2007, Vladimir Terziev wrote:
>> Try also this:
> This is the link referenced above on the PuTTY website. Unfortunately
> it doesn't include support for GSSAPI Key Exchange.
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
More information about the Kerberos