5 Nov
2018
5 Nov
'18
12:49 a.m.
On Sun, Nov 4, 2018 at 4:44 PM Mantas Mikulėnas <grawity(a)gmail.com> wrote:
Kerberos exists too, but somewhat less common –
FreeIPA includes it by
default, but many people just piggyback on LDAP bind as password-based
authentication and use SSH keys for passwordless (because apparently
protocols other than SSH and HTTPS don't exist anymore). The MIT Kerberos 5
suite is still actively maintained and receives new features, such as
S-PAKE), whereas Heimdal appears to be on life support.
FreeBSD has Heimdal. We switched over a long time ago when MIT Kerberos 5
at MIT looked like it was going to die. Now the roles have somewhat
reversed.
Warner