EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Single Sign-on (SSO)

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#6362
Posted: 05/23/2008 11:06:28
by Mike Scriven (Standard support level)
Joined: 05/19/2006
Posts: 102

Do you have any plans to support Single Sign-on in SecureBlackBox SSH?
#6363
Posted: 05/23/2008 11:14:46
by Ken Ivanov (EldoS Corp.)

Would you be so kind to specify, what exactly SSO support do you need from SBB? I assume you are talking about server-side client authentication, aren't you?
#6364
Posted: 05/23/2008 11:17:38
by Mike Scriven (Standard support level)
Joined: 05/19/2006
Posts: 102

No I'm looking for client side sign-on using kerberos.
#6365
Posted: 05/23/2008 11:27:05
by Ken Ivanov (EldoS Corp.)

Not sure if it is possible using SSH (if the server is not under your control, of course). Can you please point us at some solution that already does support such authentication?

We do have plans on implementing Kerberos, but there are no exact time estimations for them at the moment.
#6366
Posted: 05/23/2008 11:31:00
by Eugene Mayevski (EldoS Corp.)

I believe, SSH works via GSS-API in this case. We have GSS-API in SSH implemented, but not published. So if the server supports kerberos, and you have the corresponding GSS-API module, I think it can be possible to use such authentication. Of course this will require that we make GSS-API support publicly available.


Sincerely yours
Eugene Mayevski
#6369
Posted: 05/23/2008 12:17:53
by Mike Scriven (Standard support level)
Joined: 05/19/2006
Posts: 102

This is an enquiry from a customer of our Telnet client. Here's what he said:

"I am referring to Single Sign On. A user can login to a PC with Active Directory credentials, then those credentials are passed to the server that they are telnetting/sshing to, usually using the kerberos ticket from AD. Quest have a modified version of PuTTY as a companion to their Vintela product."

I guess this does not pertain specifically to SSH. I was mistaken. Thanks anyway.
#6370
Posted: 05/23/2008 14:04:20
by Mike Scriven (Standard support level)
Joined: 05/19/2006
Posts: 102

Not sure if this is of interest to you:

http://rc.quest.com/topics/putty/
#6371
Posted: 05/23/2008 15:08:25
by Eugene Mayevski (EldoS Corp.)

Yes, this will help us with debugging of GSSAPI interface. Thank you for the link.


Sincerely yours
Eugene Mayevski
#6373
Posted: 05/23/2008 16:32:32
by Mike Scriven (Standard support level)
Joined: 05/19/2006
Posts: 102

So it appears that what I need is the GSSAPI interface. Is that currently under development? If so do you have a tentative release date for it?

Thanks.
#6375
Posted: 05/24/2008 03:52:33
by Eugene Mayevski (EldoS Corp.)

As I mentioned, we have some things that have been implemented, but they are far from being ready to use. I think that we will leave this functionality for SBB 7, which is planned for winter.


Sincerely yours
Eugene Mayevski
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.

Reply

Statistics

Topic viewed 3826 times

Number of guests: 2, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!