Tectia

Secure Application Login with Kerberos/GSSAPI

When both the client and server are located in the same Windows (NT or Active Directory) domain, it is possible to integrate Windows Domain logon to the SSH Tectia client/server solution. This means that when a user logs on to a Windows Domain, the user gets a "ticket" that can be used for authenticating the user to SSH Tectia Server. The authentication procedure is then non-interactive; the user is not prompted to enter a password when SSH Tectia Client or ConnectSecure are connecting to SSH Tectia Server.

GSSAPI authentication can also be used in a mixed Windows/Unix environment. On Unix, GSSAPI interoperates with standard Kerberos implementations that provide a GSSAPI mechanism.

Active Directory/Kerberos is used in the Windows 2003 Domains.

Secure application connectivity through GSSAPI

Figure 5.6. Secure application connectivity through GSSAPI