GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
ss5.gss(5) FreeBSD File Formats Manual ss5.gss(5)

ss5.gss - Enable GSS Kerberos authentication, integrity and confidentiality (see RFC 1961)

ss5 usually communicates with socks client in clear-text. If <s> method is set in <auth> directive, ss5 establishes a common security mechanism based on Kerberos mechanisms.

To enable GSSAPI authentication with the ss5 daemon you must set SS5_GSS_PRINC option in the ss5.conf file indicating your Kerberos service principal name. Before GSSAPI authentication works, you must install libgssapi package. In base of socks client want to do, SS5 accepts 0 (auth only), 1 (integrity) or 2 (encryption) encapsulation values.

To add GSSAPI authentication, change the line to:

auth - - k

set SS5_GSS_PRINC option containing your Kerberos service principal name (i.e. rcmd@fqdn if service is equivalent to "rcmd")


3. Restart the server.

ss5(1), ss5.conf(5), ss5.pam(5), ss5.passwd(5), ss5.ha(5), ss5srv(1), ss5_supa(5), ss5_gss(5)

Matteo Ricchetti

Send comments to Matteo.Ricchetti@libero.it

22 Feb 2009
Search for    or go to Top of page |  Section 5 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.