securid and kerberos

=?gb2312?B?t73Twg==?= fangyong at xunlei.com
Sun Oct 28 20:02:47 EDT 2007


hi all:
	how can I get kerberos work with securid  and openssh ?
I manage many linux server and I use securid to login in the boxes,but it's
too boring to login all server one by one.
anybody could be kind enough to tell me how can I use securid to get
kerberos ticket instead of password ?

I've found serveral "securid" string in the kerberos directory,but I did not
know how to make use of it :(

[root at AS3U8 krb5-1.6.3]# grep securid * -r -i
doc/api/tables.tex:KRB5_PADATA_ENC_SECURID              &       & yes   \\
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c:#ifdef SECURID
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c:#ifdef SECURID
src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c:#define SECURID
src/include/kdb.h:#ifdef SECURID
src/include/kdb.h:#define KRB5_TL_SECURID_STATE           0x0006
src/include/kdb.h:#endif /* SECURID */
src/include/k5-int.h:#define PA_SAM_TYPE_SECURID    5   /*  Security
Dynamics */
src/include/k5-int.h:#define PA_SAM_TYPE_SECURID_PREDICT
(PA_SAM_TYPE_EXP_BASE+1) /* special */
src/include/krb5/krb5.hin:#define KRB5_PADATA_ENC_SANDIA_SECURID        6
/* SecurId passcode */
src/appl/telnet/telnetd/telnetd.c:#ifdef        SecurID
src/appl/telnet/telnetd/telnetd.c:#ifdef        SecurID
src/appl/telnet/telnetd/telnetd.c:                      /* SecurID required
*/
src/appl/telnet/telnetd/telnetd.c:                      require_SecurID = 1;
src/appl/telnet/telnetd/telnetd.c:#endif        /* SecurID */
src/appl/telnet/telnetd/telnetd.c:#ifdef        SecurID
src/appl/telnet/telnetd/telnetd-ktd.c:#if       defined(SecurID)
src/appl/telnet/telnetd/telnetd-ktd.c:int       require_SecurID = 0;
src/appl/telnet/telnetd/telnetd-ktd.c:#ifdef    SecurID
src/appl/telnet/telnetd/telnetd-ktd.c:                  /* SecurID required
*/
src/appl/telnet/telnetd/telnetd-ktd.c:                  require_SecurID = 1;
src/appl/telnet/telnetd/telnetd-ktd.c:#endif    /* SecurID */
src/appl/telnet/telnetd/telnetd-ktd.c:#ifdef    SecurID
src/appl/telnet/telnetd/sys_term.c:#if  defined (SecurID)
src/appl/telnet/telnetd/sys_term.c:     if (require_SecurID)
src/appl/telnet/telnetd/ext.h:#if       defined(SecurID)
src/appl/telnet/telnetd/ext.h:extern int        require_SecurID;
src/appl/telnet/telnetd/telnetd.8:is compiled with support for SecurID
cards.  It causes the
src/appl/telnet/telnetd/telnetd.8:flag to indicate that only SecurID
validated logins are allowed, and is
src/appl/telnet/telnetd/telnetd.0.txt:                  port for SecurID
cards.  It causes the -s option to be
src/appl/telnet/telnetd/telnetd.0.txt:                  supports the -s flag
to indicate that only SecurID validated
src/appl/telnet/telnetd/telnetd.0.ps:(is compiled with support for)3.891 F
F4(SecurID)3.891 E F0 3.891(cards. It)
src/appl/telnet/telnetd/telnetd.0.ps:(SecurID)2.98 E F0 -.25(va)2.98 G
.481(lidated logins are allo).25 F .481
src/kdc/kdc_preauth.c:  { "SECURID", PA_SAM_TYPE_SECURID, },
src/lib/krb5/krb/preauth2.c:    case PA_SAM_TYPE_SECURID:       /*  Security
Dynamics */
src/lib/krb5/krb/preauth2.c:    case PA_SAM_TYPE_SECURID_PREDICT:       /*
predictive Security Dynamics */
src/lib/krb5/krb/preauth.c:      case PA_SAM_TYPE_SECURID:      /*  Security
Dynamics */
src/lib/krb5/krb/preauth.c:      case PA_SAM_TYPE_SECURID_PREDICT:      /*
predictive Security Dynamics */




More information about the Kerberos mailing list