ZMQ_GSSAPI - Online Linux Manual PageSection : 7
Updated : 01/21/2023
Source : 0MQ 4​.3​.4
Note : 0MQ Manual

NAMEzmq_gssapi − secure authentication and confidentiality

SYNOPSISThe GSSAPI mechanism defines a mechanism for secure authentication and confidentiality for communications between a client and a server using the Generic Security Service Application Program Interface (GSSAPI)​. The GSSAPI mechanism can be used on both public and private networks​. GSSAPI itself is defined in IETF RFC−2743: http://tools​.ietf​.org/html/rfc2743​. The ZeroMQ GSSAPI mechanism is defined by this document: http://rfc​.zeromq​.org/spec:38​.

CLIENT AND SERVER ROLESA socket using GSSAPI can be either client or server, but not both​. To become a GSSAPI server, the application sets the ZMQ_GSSAPI_SERVER option on the socket​. To become a GSSAPI client, the application sets the ZMQ_GSSAPI_SERVICE_PRINCIPAL option to the name of the principal on the server to which it intends to connect​. On client or server, the application may additionally set the ZMQ_GSSAPI_PRINCIPAL option to provide the socket with the name of the principal for whom GSSAPI credentials should be acquired​. If this option is not set, default credentials are used​.

OPTIONAL ENCRYPTIONBy default, the GSSAPI mechanism will encrypt all communications between client and server​. If encryption is not desired (e​.g​. on private networks), the client and server applications can disable it by setting the ZMQ_GSSAPI_PLAINTEXT option​. Both the client and server must set this option to the same value​.

PRINCIPAL NAMESPrincipal names specified with the ZMQ_GSSAPI_SERVICE_PRINCIPAL or ZMQ_GSSAPI_PRINCIPAL options are interpreted as "host based" name types by default​. The ZMQ_GSSAPI_PRINCIPAL_NAMETYPE and ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE options may be used to change the name type to one of: ZMQ_GSSAPI_NT_HOSTBASED The name should be of the form "service" or "service@hostname", which will parse into a principal of "service/hostname" in the local realm​. This is the default name type​. ZMQ_GSSAPI_NT_USER_NAME The name should be a local username, which will parse into a single−component principal in the local realm​. ZMQ_GSSAPI_NT_KRB5_PRINCIPAL The name is a principal name string​. This name type only works with the krb5 GSSAPI mechanism​.

SEE ALSOzmq_setsockopt(3) zmq_null(7) zmq_curve(7) zmq(7)

AUTHORSThis page was written by the 0MQ community​. To make a change please read the 0MQ Contribution Policy at http://www​.zeromq​.org/docs:contributing​.
0
Johanes Gumabo
Data Size   :   7,455 byte
man-zmq_gssapi.7Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   2 / 204,341
Visitor ID   :     :  
Visitor IP   :   18.118.128.17   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.