Next: , Previous: , Up: Top   [Contents][Index]


1 Introduction

Shishi implements the Kerberos network authentication system. Shishi can be used to authenticate users in distributed systems, and is most often used via GSS-API for SSH or via SASL for IMAP/POP3.

Shishi contains a library (’libshishi’) that can be used by application developers to add support for Kerberos 5. There is also a command line utility (’shishi’) that is used by users to acquire and manage tickets. The server side, a Key Distribution Center, is implemented by ’shishid’. Of course, a manual documenting usage aspects as well as the programming API is included.

Shishi currently supports AS/TGS exchanges for acquiring tickets, pre-authentication, the AP exchange for performing client and server authentication, and SAFE/PRIV for integrity/privacy protected application data exchanges.

Shishi is internationalized; error and status messages can be translated into the users’ language; user name and passwords can be converted into any available character set (normally including ISO-8859-1 and UTF-8) and also be processed using an experimental Stringprep profile.

Most, if not all, of the widely used encryption and checksum types are supported, such as 3DES, AES, ARCFOUR and HMAC-SHA1.

Shishi is developed for the GNU/Linux system but works on many platforms including most major Unix and Windows systems.

Shishi is free software licensed under the GNU General Public License version 3.0 or later.


Next: , Previous: , Up: Top   [Contents][Index]