Hi,
I'm just getting my act together after attending the Moonshot Technology
Pilot Workshop a few weeks ago and have been looking over my notes. I
think I was distracted by all the crazy protocol and XML stuff and didn't
ask some basic questions. I hope you'll forgive me if I ask them now...
For background, I'm specifically interested in using Moonshot for the
simple ssh case of allowing prearranged users at other institutions to ssh
into our HPC/number-crunching machine.
The installation/configuration demonstration session at the workshop,
which focused on openssh, was therefore particularly interesting:
1) Users placed their unencrypted credentials into file .gss_eap_id and
connected to a server using a null username '-l ""'. I assume this is a
work in progress: will the openssh client be developed to avoid the need
of such a file? e.g. using "-l" to pass the user/realm info and being
prompted for the password.
2) I didn't quite understand what the remaining man in the middle attack
concern was with openssh. Assuming it was discussed on the mailing list,
can someone give me the relevant phrase to search for, please?
Cheers,
Mark
PS It was good to meet everyone - thanks for a great couple of days.
--
-----------------------------------------------------------------
Mark Dixon Email : [log in to unmask]
HPC/Grid Systems Support Tel (int): 35429
Information Systems Services Tel (ext): +44(0)113 343 5429
University of Leeds, LS2 9JT, UK
-----------------------------------------------------------------
|