mech
, qop
—
GSS-API Mechanism and QOP files
/etc/gss/mech /etc/gss/qop
The /etc/gss/mech file contains a list of installed
GSS-API security mechanisms. Each line of the file either contains a comment
if the first character is '#' or it contains five fields with the following
meanings:
- Name
- The name of this GSS-API mechanism.
- Object identifier
- The OID for this mechanism.
- Library
- A shared library containing the implementation of this mechanism.
- Kernel module (optional)
- A kernel module containing the implementation of this mechanism (not yet
supported in FreeBSD).
- Library options (optional)
- Optionsal parameters interpreted by the mechanism. Library options must be
enclosed in brackets ([ ]) to differentiate them from the optional kernel
module entry.
The /etc/gss/qop file contains a list of
Quality of Protection values for use with GSS-API. Each line of the file
either contains a comment if the first character is '#' or it contains three
fields with the following meanings:
- QOP string
- The name of this Quality of Protection algorithm.
- QOP value
- The numeric value used to select this algorithm for use with GSS-API
functions such as
gss_get_mic(3).
- Mechanism name
- The GSS-API mechanism name that corresponds to this algorithm.
This is a typical entry from /etc/gss/mech:
kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 -
This is a typical entry from
/etc/gss/qop:
GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5
The mech
manual page example first appeared in
FreeBSD 7.0.