Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-31 Thread Petr Spacek
On 30.3.2015 14:58, Gokulnath wrote: Thanks for the update. The reason for weigh in the Kerberos option is to have that as an option to disable if needed, security is more important. I had to say this because there was a question on why I would disable it. I would argue that by using

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-30 Thread Andrew Holway
Hi, As far as I understand it Kerberos service tickets are granted for a user to access a particular principal (host/service@REALM) and cannot be reused. Kerberos uses symmetric key cryptography so, if someone were able to access the memory of the machine, then they may indeed be able to snoop

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-30 Thread Petr Spacek
On 30.3.2015 09:28, Andrew Holway wrote: Hi, As far as I understand it Kerberos service tickets are granted for a user to access a particular principal (host/service@REALM) and cannot be reused. Kerberos uses symmetric key cryptography so, if someone were able to access the memory of the

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-30 Thread Martin Basti
On 30/03/15 04:27, Gokulnath wrote: Thanks for getting back. 1. As security Kerberos can ticket and in memory can be taken and that session key can be used to gain access everywhere. Primarily this because the plan is to use the solution in cloud. 2. Can I disable DNS as well? And have IPA

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-30 Thread Dmitri Pal
On 03/29/2015 10:27 PM, Gokulnath wrote: Thanks for getting back. 1. As security Kerberos can ticket and in memory can be taken and that session key can be used to gain access everywhere. Primarily this because the plan is to use the solution in cloud. You can use Kerberos in the cloud. It

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-30 Thread Gokulnath
Thanks for the update. The reason for weigh in the Kerberos option is to have that as an option to disable if needed, security is more important. I had to say this because there was a question on why I would disable it. I agree that the otp should definitely provide some additional layer of

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-29 Thread Dmitri Pal
On 03/29/2015 11:50 AM, Gokul wrote: Hi, I am trying to run some of my user cases with FreeIPA. Have FreeIPA to do only SSH key management in LDAP and PKI management. The understand that every request is kerberized and it has the DNS is must configuration. Can I have FreeIPA to run only SSH

[Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-29 Thread Gokul
Hi, I am trying to run some of my user cases with FreeIPA. Have FreeIPA to do only SSH key management in LDAP and PKI management. The understand that every request is kerberized and it has the DNS is must configuration. Can I have FreeIPA to run only SSH Key management with LDAP and a PKI

Re: [Freeipa-users] Can freeIPA work without Kerberos and DNS

2015-03-29 Thread Gokulnath
Thanks for getting back. 1. As security Kerberos can ticket and in memory can be taken and that session key can be used to gain access everywhere. Primarily this because the plan is to use the solution in cloud. 2. Can I disable DNS as well? And have IPA to run only ldap, ssh key rotation