Kerberising applications on linux

Markus Moeller huaraz at
Thu Sep 1 15:18:50 EDT 2005


you can use proftpd with mod_gss and/or mod_ldap.


"S Krithika" <skrithika at> wrote in message 
news:43176C18020000F9000020A8 at
> Hi,
>   I'm interested in understanding what interfaces are available to
> Kerberise a linux FTP server.  There are two sections, basically
> authentication and authorisation that we should be focusing on right?
> a. Authentication - We can  use kerberos authentication  - That is FTP
> server will accept the kerberos ticket and authenticate the user. For
> this GSS APIs can be used to accept_context and process further data.
> b. The second step is to Authorise. - We need to use the authentication
> information obtained from kerberos and refer to a directory ( a database
> that has the user rights, access, etc..) for authorisation. OpenLDAP can
> be used to access the database, but how do I provide the authentication
> information from kerberos to OpenLDAP?
> Can someone give me pointers on what interfaces  I need to use to
> accomplish this? I'm lost with GSSAPIs, SASL APIs,  PAM Kerberos, etc..
> What is the best way to implement authentication and authorisation on a
> kerberised environment?
> Thanks,
> Krithika.
> _______________________________________________
> krbdev mailing list             krbdev at

More information about the krbdev mailing list