SSH Tectia

Secure Application Connectivity with Kerberos/GSSAPI

When both the client and server are located in the same Windows (NT or Active Directory) domain, it is possible to integrate Windows Domain logon to the SSH Tectia client/server solution. This means that when a user logs on to a Windows Domain, the user gets a "ticket" that can be used for authenticating the user to SSH Tectia Server. The authentication procedure is then non-interactive; the user is not prompted to enter a password when SSH Tectia Connector or Client connects to SSH Tectia Server with Tunneling Expansion Pack.

GSSAPI authentication can also be used in a mixed Windows/Unix environment. On Unix, GSSAPI interoperates with standard Kerberos implementations that provide a GSSAPI mechanism.

Active Directory/Kerberos is used in the Windows 2000/2003 Domains.

Secure application connectivity through GSSAPI

Figure 5.4. Secure application connectivity through GSSAPI

See also GSSAPI (Kerberos) Authentication with Microsoft Active Directory Compatibility Note at http://www.ssh.com/resources/material/compatibility/.