in Kerberos
Re: windows kerberos update?
daemon@ATHENA.MIT.EDU (Charles Hedrick)
Wed Feb 20 16:34:49 2019
From: Charles Hedrick <firstname.lastname@example.org>
To: Greg Hudson <email@example.com>
Date: Wed, 20 Feb 2019 21:33:46 +0000
Cc: "firstname.lastname@example.org" <email@example.com>
Content-Type: text/plain; charset="utf-8"
I just verified that OTP does work. Thanks.
> On Jan 16, 2019, at 12:01 PM, Greg Hudson <firstname.lastname@example.org> wrote:
> On 1/16/19 11:23 AM, Charles Hedrick wrote:
>> We’re starting to use Windows Kerberos, with a 3rd party login screen that calls Kerberos. Some of our staff use FreeOTP 2FA. As far as I can tell, the most recent KfW doesn’t support 2FA or the https: proxy.
> KfW 4.1 is based on krb5 1.13, which includes the OTP client code, so I
> think that's only half correct.
>> Are there plans for a new release that would do so?
> I was planning to do a Windows release based on the 1.17 branch (for
> SPAKE support, if nothing else), but I don't have a specific time-table.
> HTTPS proxy support is not currently part of the Windows build, because
> of the OpenSSL dependency. I can make an attempt to bring that in when
> I make time to do work on the Windows port. (Bringing in an OpenSSL
> dependency would also make it possible to enable PKINIT support, though
> that might also require some work on the PKINIT code.)
> It is now possible to build the Windows installer from source using the
> community (no-cost) version of the MS compiler. See src/windows/README
> in the source tree for details.
Kerberos mailing list Kerberos@mit.edu