WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] kerberos support for XCP

from [Michal Novotny] [Permanent Link][Original]
To: admin@xxxxxxxxxxx
Subject: Re: [Xen-devel] kerberos support for XCP
From: Michal Novotny <minovotn@xxxxxxxxxx>
Date: Wed, 23 Jun 2010 15:33:23 +0200
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, George Shuklin <nge@xxxxxxxx>
Delivery-date: Wed, 23 Jun 2010 06:35:29 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <AANLkTileExP76rv5yA5cmJ-q555PN8XHed73eo1MQ-vr@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <293861277294239@xxxxxxxxxxxxxxx> <AANLkTileExP76rv5yA5cmJ-q555PN8XHed73eo1MQ-vr@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100430 Fedora/3.0.4-3.fc13 Thunderbird/3.0.4
I think that George is thinking about implementing krb5 (Kerberos) mechanism for Xen host authorization directly into the XCP platform, i.e. the kerberos credentials (obtained by kinit) could be useful when the company is using one kerberos server infrastructure which means the one-password infrastructure and they can be using it for various authorizations when the ticket is already obtained and it could be useful for e.g. accessing websites, accessing some intranet tools as well as this is the request to implement it into the Xen infrastructure so the ticket could be used for everything in their company/network until the ticket expires. 

Michal

On 06/23/2010 03:25 PM, David Markey wrote:

Do you mean via ssh, or via OpenXenCenter?
On 23 June 2010 12:57, George Shuklin <nge@xxxxxxxx <mailto:nge@xxxxxxxx>> wrote: 

    Good day.

    I was thinking, is it possible to add kerberos support to XCP? By
    Kerberos mechanism, all hosts can trust each other without
    passwords (for example, by using xcp/host@realm principals), and
    nfs4 identification will be possible...
    --
    wBR,George.

    _______________________________________________
    Xen-devel mailing list
    Xen-devel@xxxxxxxxxxxxxxxxxxx <mailto:Xen-devel@xxxxxxxxxxxxxxxxxxx>
    http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel



--
Michal Novotny<minovotn@xxxxxxxxxx>, RHCE
Virtualization Team (xen userspace), Red Hat


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [PATCH] libxl: make libxl_wait_for_device_model not racy, Vincent Hanquez
Next by Date:  Re: [Xen-devel] [PATCH] svm: debug improvements, Keir Fraser
Previous by Thread:  Re: [Xen-devel] kerberos support for XCP, David Markey
Next by Thread:  [Xen-devel] Re: paging_domctl() missing break statements?, Paolo Bonzini
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy