On Sun, Nov 4, 2018 at 4:44 PM Mantas Mikulėnas <grawity@gmail.com> wrote:

> Kerberos exists too, but somewhat less common – FreeIPA includes it by
> default, but many people just piggyback on LDAP bind as password-based
> authentication and use SSH keys for passwordless (because apparently
> protocols other than SSH and HTTPS don't exist anymore). The MIT Kerberos 5
> suite is still actively maintained and receives new features, such as
> S-PAKE), whereas Heimdal appears to be on life support.
>

FreeBSD has Heimdal. We switched over a long time ago when MIT Kerberos 5
at MIT looked like it was going to die. Now the roles have somewhat
reversed.

Warner