On Wed, Aug 09, 2006 at 02:26:57PM -0500, Douglas E. Engert wrote: > > > Nicolas Williams wrote: > > >On Wed, Aug 09, 2006 at 09:52:51AM -0500, Douglas E. Engert wrote: > > > >>Markus Moeller wrote: > >> > >>>There shouldn't be the need of compiling openssh with Kerberos as the > >>>Solaris 10 version supports GSSAPI authentication. > >> > >>Yes and no. Until you want to store the delegated credential or do a > >>krb5_userok test. > > > > > >Solaris' sshd does this using __gss_userok() and gss_store_cred(). > > Good, and that was what I was trying to the kerberos working group > interested in before Kitten was started.
gss_store_cred() is a KITTEN WG work item. __gss_userok() is not; should it be? It depends on a notion of "user account," and so it's rather not so generic. But we could have an individual submission draft targetting Informational status for "gss_userok()"... Comments? ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
