Uploaded image for project: 'MINA SSHD'
  1. MINA SSHD
  2. SSHD-111

Support gssapi-with-mic authentication to use kerberos credentials

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 0.5.0
    • Fix Version/s: 0.6.0
    • Labels:
      None

      Description

      I recently raised a couple of improvements which duplicated existing issues and which were fixed in HEAD. Hope this one is not.

      I've made some changes to support gssapi-with-mic authentication allowing access to the server without entering a password if in a Kerberos environment. This is beneficial for us because we embed sshd in an application which already provides single sign on using GSSAPI in Unix and Windows.

      A patch is attached. The core of the code is in UserAuthGSS; the GSSAuthenticator class is provided to allow parts of the process to be overridden for different environments - for example using a native implemention of GSSManager on Windows to provide easy integration with AD.

        Attachments

        1. gss.patch
          31 kB
          Richard Evans

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              richard.evans@datanomic.com Richard Evans
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: