**Cyrus SASL Sample**
-*Modified/Unmodified*
-* .
+
+Unmodified.
*What does it do*
-* .
+* Demonstrates minimal SASL functionality and allows exploration of SASL mechanisms.
-*Tested clients*
-
-* .
-----
**GSS-Sample**
-*Modified/Unmodified*
+Unmodified.
-* .
*What does it do*
-* .
+* Demonstrates GSS-API mechanisms functioning.
+* Displays all attributes (from SAML, Shibboleth) received
+* See [[vmdk]] for instructions on how to run
-*Tested clients*
-* .
-----
**Jabberd**
-*Modified/Unmodified*
+* Unmodified
+* Requires enabling cyrus-sasl support in the build
-* .
*What does it do*
-* .
+* Jabber server. Provides authentication from moonshot.
+
*Tested clients*
*Modified/Unmodified*
-* Unmodified openLDAP, but has to be recomplied with SASL specific build options
+* Unmodified openLDAP, but has to be compiled with SASL specific build options; most Linux distributions do this by default
*What does it do*
-* User can authenticate to openLDAP with their federated id, where their DN is mapped from their SASL id (mapping configured in slapd.conf)
+* * User can authenticate to openLDAP with their federated id, where their DN is mapped from their SASL id (mapping configured in slapd.conf)
*Tested clients*
*Modified/Unmodified*
-* .
+* See http://www.project-moonshot.org/gitweb/openssh.git look at the master and debian branches.
+* No client modifications required.
+* See the vm-integration or tlv-mic branches for moonshot code that works with this. The requirement is that mutual_authentication needs to be provided in the established context
+* gss_userok is required from the krb5 library
+* The [[VM images|vmdk]] have these changes
+
*What does it do*
-* .
+* Provides RFC 4462 authentication and key exchange based on moonshot. In other words you can log in with ssh using Moonshot credentials
+* If the mechanism returns the local-login-user attribute (typically mapped using Shibboleth from a SAML attribute or RADIUS attribute), then that attribute controls what local accounts are acceptable
+* In other words federated authentication and authorization
+
*Tested clients*
-*.
+*Openssh
-----