securid and kerberos
=?gb2312?B?t73Twg==?=
fangyong at xunlei.com
Sun Oct 28 20:02:47 EDT 2007
hi all:
how can I get kerberos work with securid and openssh ?
I manage many linux server and I use securid to login in the boxes,but it's
too boring to login all server one by one.
anybody could be kind enough to tell me how can I use securid to get
kerberos ticket instead of password ?
I've found serveral "securid" string in the kerberos directory,but I did not
know how to make use of it :(
[root at AS3U8 krb5-1.6.3]# grep securid * -r -i
doc/api/tables.tex:KRB5_PADATA_ENC_SECURID & & yes \\
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c:#ifdef SECURID
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c:#ifdef SECURID
src/plugins/kdb/ldap/ldap_util/kdb5_ldap_realm.c:#define SECURID
src/include/kdb.h:#ifdef SECURID
src/include/kdb.h:#define KRB5_TL_SECURID_STATE 0x0006
src/include/kdb.h:#endif /* SECURID */
src/include/k5-int.h:#define PA_SAM_TYPE_SECURID 5 /* Security
Dynamics */
src/include/k5-int.h:#define PA_SAM_TYPE_SECURID_PREDICT
(PA_SAM_TYPE_EXP_BASE+1) /* special */
src/include/krb5/krb5.hin:#define KRB5_PADATA_ENC_SANDIA_SECURID 6
/* SecurId passcode */
src/appl/telnet/telnetd/telnetd.c:#ifdef SecurID
src/appl/telnet/telnetd/telnetd.c:#ifdef SecurID
src/appl/telnet/telnetd/telnetd.c: /* SecurID required
*/
src/appl/telnet/telnetd/telnetd.c: require_SecurID = 1;
src/appl/telnet/telnetd/telnetd.c:#endif /* SecurID */
src/appl/telnet/telnetd/telnetd.c:#ifdef SecurID
src/appl/telnet/telnetd/telnetd-ktd.c:#if defined(SecurID)
src/appl/telnet/telnetd/telnetd-ktd.c:int require_SecurID = 0;
src/appl/telnet/telnetd/telnetd-ktd.c:#ifdef SecurID
src/appl/telnet/telnetd/telnetd-ktd.c: /* SecurID required
*/
src/appl/telnet/telnetd/telnetd-ktd.c: require_SecurID = 1;
src/appl/telnet/telnetd/telnetd-ktd.c:#endif /* SecurID */
src/appl/telnet/telnetd/telnetd-ktd.c:#ifdef SecurID
src/appl/telnet/telnetd/sys_term.c:#if defined (SecurID)
src/appl/telnet/telnetd/sys_term.c: if (require_SecurID)
src/appl/telnet/telnetd/ext.h:#if defined(SecurID)
src/appl/telnet/telnetd/ext.h:extern int require_SecurID;
src/appl/telnet/telnetd/telnetd.8:is compiled with support for SecurID
cards. It causes the
src/appl/telnet/telnetd/telnetd.8:flag to indicate that only SecurID
validated logins are allowed, and is
src/appl/telnet/telnetd/telnetd.0.txt: port for SecurID
cards. It causes the -s option to be
src/appl/telnet/telnetd/telnetd.0.txt: supports the -s flag
to indicate that only SecurID validated
src/appl/telnet/telnetd/telnetd.0.ps:(is compiled with support for)3.891 F
F4(SecurID)3.891 E F0 3.891(cards. It)
src/appl/telnet/telnetd/telnetd.0.ps:(SecurID)2.98 E F0 -.25(va)2.98 G
.481(lidated logins are allo).25 F .481
src/kdc/kdc_preauth.c: { "SECURID", PA_SAM_TYPE_SECURID, },
src/lib/krb5/krb/preauth2.c: case PA_SAM_TYPE_SECURID: /* Security
Dynamics */
src/lib/krb5/krb/preauth2.c: case PA_SAM_TYPE_SECURID_PREDICT: /*
predictive Security Dynamics */
src/lib/krb5/krb/preauth.c: case PA_SAM_TYPE_SECURID: /* Security
Dynamics */
src/lib/krb5/krb/preauth.c: case PA_SAM_TYPE_SECURID_PREDICT: /*
predictive Security Dynamics */
More information about the Kerberos
mailing list