[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and Kerberos



On Tue, 15 Aug 2000, Jeffrey Altman wrote:

> > > Marc, you have hit the nail on the head.  What we really need on
> > > Unix is to replace the file based credentials cache with something 
> > > else that can be contacted securely by the network process, the login
> > > process, and the user.
> > 
> > Something like Windows 2000's LSA service and SSPI?
> > 
> 
> SSPI is a parallel to GSSAPI.

microsoft has now adopted SPNEGO and GSSAPI.  they use it for SMB
authentication, now.  the transports they currently provide / negotiate /
use are:

- SSL

- NTLMSSP

- Kerberos-5





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []