Uploaded image for project: 'MINA SSHD'
  1. MINA SSHD
  2. SSHD-111

Support gssapi-with-mic authentication to use kerberos credentials

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 0.5.0
    • 0.6.0
    • None

    Description

      I recently raised a couple of improvements which duplicated existing issues and which were fixed in HEAD. Hope this one is not.

      I've made some changes to support gssapi-with-mic authentication allowing access to the server without entering a password if in a Kerberos environment. This is beneficial for us because we embed sshd in an application which already provides single sign on using GSSAPI in Unix and Windows.

      A patch is attached. The core of the code is in UserAuthGSS; the GSSAuthenticator class is provided to allow parts of the process to be overridden for different environments - for example using a native implemention of GSSManager on Windows to provide easy integration with AD.

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            richard.evans@datanomic.com Richard Evans
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment