BREAKING: Knocking Down The HACIENDA

GNU hackers opened the GHM by revealing the offensive HACIENDA global surveillance program for TWD, and how to knock it down with stealth TCP services! Watch it now! [more]

GNU Generic Security Service - Libgss


Introduction

This page contain information about Generic Security Service (GSS), a free implementation of RFC 2743/2744.

If you do not know what GSS is, I suggest to read the following resources.

GSS itself is licensed under GPLv3+, and the manual is licensed under GFDLv1.3+.

Table of Contents

Documentation and Status

Refer to the GSS Manual web page for links to the manual in all formats; however, quick links to the most popular formats:

GSS has received some real-world testing and should be considered beta quality.

The source code framework is in place, an outline of the documentation is ready, and there are some simple self tests. The Kerberos 5 mechanism (RFC 1964 and RFC 4121) supports mutual authentication, channel bindings and the standard DES cipher. The non-standard 3DES cipher is also implemented, but unfortunately there are no specifications for AES. GNU SASL can use GSS to connect to GNU Mailutils and Cyrus IMAP servers that use the GSS implementations from MIT Kerberos or Heimdal. GNU MailUtils can also use GSS to serve GSSAPI clients. A SSH client and server with GSS authentication is provided by LSH with some patches.

GSS is developed for the GNU/Linux system, but runs on over 20 platforms including most major Unix platforms and Windows, and many kind of devices including iPAQ handhelds and S/390 mainframes.

GSS uses GNU Shishi to implement the Kerberos V5 mechanism.

Projects using GSS include:

News

Support

A mailing list where GSS users may help each other exists, and you can reach it by sending e-mail to help-gss@gnu.org. Archives of the mailing list discussions, and an interface to manage subscriptions, is available through the World Wide Web at http://lists.gnu.org/mailman/listinfo/help-gss.

If you are interested in paid support of GSS, or sponsor the development, please contact me. If you provide paid services for GSS, and would like to be mentioned here, also contact me.

If you find GSS useful, please consider making a donation. No amount is too small!

Downloading

The releases are distributed from ftp://ftp.gnu.org/gnu/gss/.

All official releases are signed with an OpenPGP key with fingerprint B565716F or with fingerprint 54265e8c.

Development

There is a Savannah GSS project page. You can check out the sources by using git as follows:

git clone git://git.savannah.gnu.org/gss.git

The online git interface is available.

See the file README-alpha on how to bootstrap and build the package from version controlled sources.

For every release, we publish cyclomatic code complexity charts for the package. There is also self-test code coverage charts available.


Valid XHTML 1.0 Strict

 [FSF logo] “Our mission is to preserve, protect and promote the freedom to use, study, copy, modify, and redistribute computer software, and to defend the rights of Free Software users.”

The Free Software Foundation is the principal organizational sponsor of the GNU Operating System. Support GNU and the FSF by buying manuals and gear, joining the FSF as an associate member, or making a donation, either directly to the FSF or via Flattr.

back to top

Translations of this page