Kerberising applications on linux
huaraz at moeller.plus.com
Thu Sep 1 15:18:50 EDT 2005
you can use proftpd with mod_gss and/or mod_ldap.
"S Krithika" <skrithika at novell.com> wrote in message
news:43176C18020000F9000020A8 at lucius.provo.novell.com...
> I'm interested in understanding what interfaces are available to
> Kerberise a linux FTP server. There are two sections, basically
> authentication and authorisation that we should be focusing on right?
> a. Authentication - We can use kerberos authentication - That is FTP
> server will accept the kerberos ticket and authenticate the user. For
> this GSS APIs can be used to accept_context and process further data.
> b. The second step is to Authorise. - We need to use the authentication
> information obtained from kerberos and refer to a directory ( a database
> that has the user rights, access, etc..) for authorisation. OpenLDAP can
> be used to access the database, but how do I provide the authentication
> information from kerberos to OpenLDAP?
> Can someone give me pointers on what interfaces I need to use to
> accomplish this? I'm lost with GSSAPIs, SASL APIs, PAM Kerberos, etc..
> What is the best way to implement authentication and authorisation on a
> kerberised environment?
> krbdev mailing list krbdev at mit.edu
More information about the krbdev