Kerberos Products and GSS-API on HP-UX
HP-UX supports Kerberos products with a set of three software packages and Generic Security Service Application Programming Interface (GSS-API) for HP-UX 11.0 onwards. These products are:
•PAM Kerberos (PAM-Kerberos)
•Kerberos Client Software
•Kerberos Server
•GSS-API
Application programmers can create “Kerberized” applications using either the GSS-APIs or the Kerberos APIs. However, HP recommends that GSS-APIs be used for application development. HP provides the following Kerberized applications through Secure Internet Services (SIS): ftp, rcp, remsh, rlogin, and telnet.
SIS is available on HP-UX 11.0 and HP-UX 11i v1 only. From HP-UX 11i v2 onwards, all these applications directly link to libkrb5.
The HP-UX Kerberos-related products and GSS-API are:
•PAM Kerberos (PAM-Kerberos): is the Kerberos implementation of the PAM Framework based on the RFC 86.0 of Open Group. PAM allows multiple authentication technologies to co-exist on HP-UX.
•Kerberos Client Software: includes libraries, header files and utilities for implementing Kerberized client/server applications in either 32-bit or 64-bit development environment.
The client libraries are based on MIT Kerberos V5 1.1.1 release. The KRB5-Client libraries support DES encryption as specified in RFC 1510 of the IETF.
