[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and Kerberos



> > Marc, you have hit the nail on the head.  What we really need on
> > Unix is to replace the file based credentials cache with something 
> > else that can be contacted securely by the network process, the login
> > process, and the user.
> 
> Something like Windows 2000's LSA service and SSPI?
> 

SSPI is a parallel to GSSAPI.  What we need is a new credential cache
implementation that is accesible via IPC.  Similar to what Danilo has
implemented on Windows for the upcoming release of KfW.




                  Jeffrey Altman * Sr.Software Designer
                 The Kermit Project * Columbia University
               612 West 115th St * New York, NY * 10025 * USA
     http://www.kermit-project.org/ * kermit-support@kermit-project.org






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []