SSH

Secure Application Login with Kerberos/GSSAPI

When both the client and server are located in the same Windows (NT or Active Directory) domain, it is possible to integrate Windows Domain logon to the Tectia client/server solution. This means that when a user logs on to a Windows Domain, the user gets a "ticket" that can be used for authenticating the user to Tectia Server. The authentication procedure is then non-interactive; the user is not prompted to enter a password when Tectia Client is connecting to Tectia Server.

GSSAPI authentication can also be used in a mixed Windows/Unix environment. On Unix, GSSAPI interoperates with standard Kerberos implementations that provide a GSSAPI mechanism.

Active Directory/Kerberos is used in the Windows 2003 Domains.

Secure application connectivity through GSSAPI

Figure 5.4. Secure application connectivity through GSSAPI