ssh
Srinivas Cheruku
csri at sonata-software.com
Thu Apr 11 04:15:00 EDT 2002
1. Apply the Kerberos patch and then the Openssh-gssapi patch.
2. Run the autoreconf after applying the patches. (autoreconf version should
be later than 2.50)
#autoreconf
3. # ./configure --with-pam --with-kerberos5=<MIT Kerberos Installation
path>
--sysconfdir=/etc/ssh
4. #make
5. #make install
No need of changing the /etc/ssh/sshd_config file. By default it makes use
of Kerberos Authentication.
6.Start the sshd daemon.
# /usr/local/sbin/sshd
#
7. Get a TGT from the MIT KDC.
$./kinit -f user at REALM.COM
Extract the service key of the host principal to keytab file.
8. Connect to the sshd server using ssh client
$ ssh -v hostname
Then, the ssh client contacts MIT KDC and gets a service ticket for host. It
also forwards the TGT to the secure shell.
9. When you type klist in the shell, then you can see the forwarded TGT.
Good Luck,
Srini
-----Original Message-----
From: klaas hagemann [mailto:klaas at northsailor.de]
Sent: Thursday, April 11, 2002 1:36 PM
To: Srinivas Cheruku; kerberos at mit.edu
Subject: Re: ssh
SSH Kompiling seems to be ok, i compiled it without errors with
./configure --with-pam --with-kerberos5=/usr/local
Befort i applied the patches and ran autoconf.
I am not sure with these configuratioen files, is it possible für you to
send me yours?
Thanks,
Klaas
----- Original Message -----
From: Srinivas Cheruku <mailto:csri at sonata-software.com>
To: kerberos at mit.edu <mailto:kerberos at mit.edu>
Sent: Thursday, April 11, 2002 5:46 AM
Subject: RE: ssh
Run the ssh client in verbose mode.
$ssh -v hostname
More information about the Kerberos
mailing list