[rsbac] Linux public key authentication an PKI

Michal Purzynski michal at rsbac.org
Thu May 10 13:31:44 CEST 2007

Hash: SHA1

On May 10, 2007, at 1:20 PM, Andrew Dobbie wrote:

> Hello,
> I'm not sure but maybe Kerberos can do that? It certainly uses single
> sign-on for multiple network services. Might be restricted to using
> password as shared secret for authentication with the Key Distribution
> Center. Once you authenticate though, password isn't used again until
> your Ticket-Granting Ticket expires.

Kerberos definitely. It's well known, easy to implement (across few 
different platforms), reasonably designed solution. I see no point in 
designing anything that would basically copy it anyway.

> Anyone else have ideas?
> Kerberos is Linux independent btw.
> On Mon, 2007-07-05 at 15:18 +0600, sftf at yandex.ru wrote:
>> Hi!
>> Anybody now, is there project/drafts for Linux implementing
>> centralized public key authentication for various services (not only 
>> SSH) and client software?
>> Scenario:
>> - admin create private/public keys (like for SSH), one per user and 
>> store them in LDAP
>> - ALL(POP3,SMTP,FTP,WEB,SAMBA and so on) services authenticate users 
>> by public key,
>>   not by the password
>> - so client software (POP3,SMTP,FTP... clinets) use public key 
>> instead password
>> Thanks!
>> _______________________________________________
>> rsbac mailing list
>> rsbac at rsbac.org
>> http://www.rsbac.org/mailman/listinfo/rsbac
> _______________________________________________
> rsbac mailing list
> rsbac at rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac
Version: GnuPG v1.4.1 (Darwin)


More information about the rsbac mailing list