GNU Generic Security Service Library provides a Generic Security Service (GSS-API) implementation.
It is used by network applications to provide security services, such as authenticating SMTP/IMAP, via the GSSAPI SASL mechanism.
It consists of a library and a manual, and a Kerberos 5 mechanism that supports mutual authentication and the DES and 3DES ciphers.
GSS has received very little real-world testing and should be considered alpha quality.
The source code framework is in place, an outline of the documentation is ready, and there are some simple self tests. The Kerberos 5 mechanism (RFC 1964) supports mutual authentication and the standard DES cipher. The non-standard 3DES cipher is also implemented, but unfortunately there are no specifications for AES. GNU SASL can use GSS to connect to GNU Mailutils and Cyrus IMAP servers that use the GSS implementations from MIT Kerberos or Heimdal. GNU MailUtils can also use GSS to serve GSSAPI clients. A SSH client and server with GSS authentication is provided by LSH with some patches.
GSS is developed for the GNU/Linux system, but runs on over 20 platforms including most major Unix platforms and Windows, and many kind of devices including iPAQ handhelds and S/390 mainframes.
GSS uses Shishi to implement the Kerberos V5 mechanism.
Projects using GSS include:
· GNU Shishi
What's New in This Release: [ read full changelog ]
· Numerous enhancements and bugfixes.