From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-user-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 352D31FF15F
	for <inbox@lore.proxmox.com>; Mon, 21 Oct 2024 21:09:46 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 03C6A39951;
	Mon, 21 Oct 2024 21:10:19 +0200 (CEST)
Date: Mon, 21 Oct 2024 21:09:36 +0200
To: pve-user@lists.proxmox.com
MIME-Version: 1.0
Message-ID: <mailman.454.1729537817.332.pve-user@lists.proxmox.com>
List-Id: Proxmox VE user list <pve-user.lists.proxmox.com>
List-Post: <mailto:pve-user@lists.proxmox.com>
From: Kaonashi via pve-user <pve-user@lists.proxmox.com>
Precedence: list
Cc: Kaonashi <kaonashi@bakemono.nl>
X-Mailman-Version: 2.1.29
X-BeenThere: pve-user@lists.proxmox.com
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user>, 
 <mailto:pve-user-request@lists.proxmox.com?subject=subscribe>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-user>, 
 <mailto:pve-user-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-user/>
Reply-To: Proxmox VE user list <pve-user@lists.proxmox.com>
List-Help: <mailto:pve-user-request@lists.proxmox.com?subject=help>
Subject: [PVE-User] Does Proxmox VE support Kerberos authentication,
 also in the webGUI?
Content-Type: multipart/mixed; boundary="===============0887669893146290996=="
Errors-To: pve-user-bounces@lists.proxmox.com
Sender: "pve-user" <pve-user-bounces@lists.proxmox.com>

--===============0887669893146290996==
Content-Type: message/rfc822
Content-Disposition: inline

Return-Path: <kaonashi@bakemono.nl>
X-Original-To: pve-user@lists.proxmox.com
Delivered-To: pve-user@lists.proxmox.com
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by lists.proxmox.com (Postfix) with ESMTPS id 4A673C7506
	for <pve-user@lists.proxmox.com>; Mon, 21 Oct 2024 21:10:17 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 32DCB3988C
	for <pve-user@lists.proxmox.com>; Mon, 21 Oct 2024 21:09:47 +0200 (CEST)
Received: from mx4.it-functions.nl (mx4.it-functions.nl [IPv6:2a03:4000:6a:1ae:1::5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (prime256v1) server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by firstgate.proxmox.com (Proxmox) with ESMTPS
	for <pve-user@lists.proxmox.com>; Mon, 21 Oct 2024 21:09:46 +0200 (CEST)
Message-ID: <30bb70aa-8992-405b-960b-52fa3bcadebc@bakemono.nl>
Date: Mon, 21 Oct 2024 21:09:36 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: pve-user@lists.proxmox.com
Content-Language: nl
From: Kaonashi <kaonashi@bakemono.nl>
Subject: Does Proxmox VE support Kerberos authentication, also in the webGUI?
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-GeoIP: NL
X-Virus-Scanned: by clamav on mx4.it-functions.nl
X-SPAM-LEVEL: Spam detection results:  0
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_PASS               -0.1 DMARC pass policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record

Hi,

As far as I can tell, Proxmox VE does support LDAP authentication, but 
not Kerberos based SSO.

Looking at the code of pveproxy, the webGUI does not seem to support 
GSSAPI based Kerberos SSO authentication.

Are there any plans to support that?

I need to setup a Proxmox cluster in a FreeIPA environment and having 
Kerberos based SSO would be very nice to have.

-- 
Best regards,
Kaonashi



--===============0887669893146290996==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

--===============0887669893146290996==--