GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  SS5_GSS (5)

NAME

ss5.gss - Enable GSS Kerberos authentication, integrity and confidentiality (see RFC 1961)

CONTENTS

Synopsis
Description
See Also
Author

SYNOPSIS

ss5 usually communicates with socks client in clear-text. If <s> method is set in <auth> directive, ss5 establishes a common security mechanism based on Kerberos mechanisms.

DESCRIPTION

To enable GSSAPI authentication with the ss5 daemon you must set SS5_GSS_PRINC option in the ss5.conf file indicating your Kerberos service principal name. Before GSSAPI authentication works, you must install libgssapi package. In base of socks client want to do, SS5 accepts 0 (auth only), 1 (integrity) or 2 (encryption) encapsulation values.

To add GSSAPI authentication, change the line to:

auth - - k

set SS5_GSS_PRINC option containing your Kerberos service principal name (i.e. rcmd@fqdn if service is equivalent to "rcmd")

3. Restart the server.

SEE ALSO

ss5(1), ss5.conf(5), ss5.pam(5), ss5.passwd(5), ss5.ha(5), ss5srv(1), ss5_supa(5), ss5_gss(5)

AUTHOR

Matteo Ricchetti

Send comments to Matteo.Ricchetti@libero.it

Search for    or go to Top of page |  Section 5 |  Main Index


--> SS5.GSS (5) 22 Feb 2009

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.