gssapi/openssh
Ulrich Weber
uweber at epost.de
Wed Apr 30 05:13:16 EDT 2003
Hi,
you mabye also interrested in this modified GSSAPI Patch to fit
openssh3.5p1 : http://home.fnal.gov/~pdbarnes/openSSH.html
It's for MacosX, but works also under Linux. I had to modify the
Makefile with : LIBS=-lresolv -lutil -lz -lnsl -lldap -llber -lcrypto
-lcrypt -lgssapi -lkrb5 -lasn1 -lroken -lcom_err
also I found a gssapi ready putty version
http://www.certifiedsecuritysolutions.com/downloads.html
anyone tried this ? works fine, but i can't forward my tickets with the
SSPI Plugin (The RealmFlags in the registry are set to 4 !). MIT Plugin
works !
peter duff wrote:
> a couple of questions:
> 1. Does the ssh client support running kinit (locally) to first
attempt to
> get a tgt if one doesnt exist? This would be useful at the start of
the day
> if something like xlock or similar didnt get TGTs (ie when you unlock
your
> screen, it takes your password and authenticates you).
I don't think this works, couse kerberos is one authentication method of
a whole list.
Bye
Ulrich
More information about the Kerberos
mailing list