Heimdal or MIT for kerberos?
Mike Tancsa
mike at sentex.net
Sun Sep 7 11:55:32 UTC 2008
We are looking at deploying Kerberos for better user management (SSO)
and 2 factor authentication via pkcs#11 etokens. The servers are all
FreeBSD and the machines principals will login from a mix of FreeBSD,
Windows and MAC OSX using ssh and openvpn. As part of our compliance
project, access must be 2 factor. The Heimdal in RELENG_7 is a
rather old version and doesnt seem to have all the bits needed for
x509 pre-auth so I would probably need to install from the ports
anyways. Does anyone have any suggestions as to which
implementation to use ? We are in Canada so it doesnt matter
regulation wise. Is one better maintained than the other ? There are
no legacy v4 apps
Thanks,
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
More information about the freebsd-security
mailing list