I would like to use gssapi authentication in rsync. GSSAPI is the
standard way to use kerberos.
My idea is not too have a full pam implementation, juste a different
way to authenticate users than the secret file and md4 challenge.
I made a little experiment and it worked well.
What I've done is changing the challenge command. Instead of sending
@RSYNCD: AUTHREQD <challenge>, it just send "@RSYNCD: GSSAPI. Then
gssapi bytes are exchanged and the user principal is returned instead
of the rsync login. So the changes are small.
Before submiting a full patch, I seek advice, do you think it's a good
way to do that ? Some configuration files needes to be changed, the
protocol must be changed, is there some best practice about that ?
Any help and advice is welcome.
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
