LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-21-2011, 08:49 AM   #1
wilslm
LQ Newbie
 
Registered: Apr 2011
Posts: 17

Rep: Reputation: 0
Kerberos vs LDAP SSL?


Hi there,

I am integrating my Unix box to the Windows AD using PAM_LDAP and Kerberos enabled.

I was wondering, since Kerberos is enabled is there any point to enable SSL on my LDAP.conf?

My understanding is that since Kerberos is enabled, therefore the username/password is sent securely there isn't any benefit of enabling SSL on the LDAP.conf? It's one of or another.

Am I wrong?
 
Old 04-21-2011, 01:27 PM   #2
poorsod
LQ Newbie
 
Registered: Apr 2011
Posts: 16

Rep: Reputation: 3
Quote:
Originally Posted by wilslm View Post
Hi there,

I am integrating my Unix box to the Windows AD using PAM_LDAP and Kerberos enabled.

I was wondering, since Kerberos is enabled is there any point to enable SSL on my LDAP.conf?

My understanding is that since Kerberos is enabled, therefore the username/password is sent securely there isn't any benefit of enabling SSL on the LDAP.conf? It's one of or another.

Am I wrong?
I'm think kerberos gives you a secure authentication at the beginning of the LDAP connection. However SSL will encrypt the whole communication (which may involve sensitive data found in your LDAP directory).
I don't see any problem with using both if that's possible.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PAM LDAP: Kerberos vs SSL (LDAP SSL) wilslm Red Hat 3 04-22-2011 08:50 AM
Kerberos LDAP avatardeviva Linux - Server 0 05-29-2010 10:00 AM
LDAP and Kerberos? kja_007700 Linux - Security 2 02-20-2010 07:52 AM
LDAP SSL and Non-SSL port open? your_shadow03 Linux - Newbie 3 01-14-2010 05:57 PM
combine LDAP and Kerberos? licht Linux - Server 0 07-12-2007 12:35 PM


All times are GMT -5. The time now is 11:40 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration