HP-UX 11i Release Notes (December 2000)
Security
Kerberos Client Software (new)
Chapter 11216
Kerberos Client Software (new)
Kerberos is a network authentication protocol. Kerberos Client Software
is now provided with HP-UX 11i. It enables integrating HP-UX into a
secure enterprise environment. It provides tools and libraries to perform
authentication and secure communication.
The Kerberos protocol is designed to provide strong authentication for
client/server applications by using secret-key cryptography. It uses
strong cryptography so that a client can prove its identity to a server and
vice versa across an insecure network connection. After the client and
the server have established their identities, they can also encrypt all of
their communications to assure privacy and data integrity.
Kerberos Client Software is based on MIT Kerberos V5 1.1.1. It consists
of libraries, header files, manpages and Kerberos utilities which help in
performing command line or programmatic authentication. Data
encryption APIs can be used to protect data transmitted over the
Internet. Kerberos Client Software supports both 32- and 64-bit
development. The 64-bit libraries are placed in the /usr/lib/pa20_64
directory.
Libraries
The following libraries are included:
• /usr/lib/libkrb5.sl, /usr/lib/pa20_64/libkrb5.sl:
Most of the Kerberos APIs are implemented by this library. This
library implements APIs for authentication, verifying tickets,
creating authenticator, context management, etc. For more
information see libkrb5 (3).
• /usr/lib/libcom_err.sl, /usr/lib/pa20_64/libcom_err.sl:
This library implements com_err APIs. The com_err() functions
print appropriate error messages to the stderr based on the error
code returned by kerberos APIs. For more information see libkrb5 (3).
• /usr/libk5crypto.sl, /usr/lib/pa20_64/libk5crypto.sl: