ZMQ_GSSAPI - Online Linux Manual PageSection : 7
Updated : 01/21/2023
Source : 0MQ 4.3.4
Note : 0MQ Manual
NAMEzmq_gssapi − secure authentication and confidentiality
SYNOPSISThe GSSAPI mechanism defines a mechanism for secure authentication and confidentiality for communications between a client and a server using the Generic Security Service Application Program Interface (GSSAPI). The GSSAPI mechanism can be used on both public and private networks. GSSAPI itself is defined in IETF RFC−2743: http://tools.ietf.org/html/rfc2743. The ZeroMQ GSSAPI mechanism is defined by this document: http://rfc.zeromq.org/spec:38.
CLIENT AND SERVER ROLESA socket using GSSAPI can be either client or server, but not both. To become a GSSAPI server, the application sets the ZMQ_GSSAPI_SERVER option on the socket. To become a GSSAPI client, the application sets the ZMQ_GSSAPI_SERVICE_PRINCIPAL option to the name of the principal on the server to which it intends to connect. On client or server, the application may additionally set the ZMQ_GSSAPI_PRINCIPAL option to provide the socket with the name of the principal for whom GSSAPI credentials should be acquired. If this option is not set, default credentials are used.
OPTIONAL ENCRYPTIONBy default, the GSSAPI mechanism will encrypt all communications between client and server. If encryption is not desired (e.g. on private networks), the client and server applications can disable it by setting the ZMQ_GSSAPI_PLAINTEXT option. Both the client and server must set this option to the same value.
PRINCIPAL NAMESPrincipal names specified with the ZMQ_GSSAPI_SERVICE_PRINCIPAL or ZMQ_GSSAPI_PRINCIPAL options are interpreted as "host based" name types by default. The ZMQ_GSSAPI_PRINCIPAL_NAMETYPE and ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE options may be used to change the name type to one of: ZMQ_GSSAPI_NT_HOSTBASED The name should be of the form "service" or "service@hostname", which will parse into a principal of "service/hostname" in the local realm. This is the default name type. ZMQ_GSSAPI_NT_USER_NAME The name should be a local username, which will parse into a single−component principal in the local realm. ZMQ_GSSAPI_NT_KRB5_PRINCIPAL The name is a principal name string. This name type only works with the krb5 GSSAPI mechanism.
SEE ALSOzmq_setsockopt(3) zmq_null(7) zmq_curve(7) zmq(7)
AUTHORSThis page was written by the 0MQ community. To make a change please read the 0MQ Contribution Policy at http://www.zeromq.org/docs:contributing. 0
Johanes Gumabo
Data Size : 7,455 byte
man-zmq_gssapi.7Build : 2024-12-05, 20:55 :
Visitor Screen : x
Visitor Counter ( page / site ) : 2 / 204,341
Visitor ID : :
Visitor IP : 18.118.128.17 :
Visitor Provider : AMAZON-02 :
Provider Position ( lat x lon ) : 39.962500 x -83.006100 : x
Provider Accuracy Radius ( km ) : 1000 :
Provider City : Columbus :
Provider Province : Ohio , : ,
Provider Country : United States :
Provider Continent : North America :
Visitor Recorder : Version :
Visitor Recorder : Library :
Online Linux Manual Page : Version : Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page : Library : lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page : Library : lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base : Version : Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base : Library : lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36
Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.