Ulrich Weber uweber at
Wed Apr 30 05:13:16 EDT 2003


you mabye also interrested in this modified GSSAPI Patch to fit 
openssh3.5p1 :
It's for MacosX, but works also under Linux. I had to modify the 
Makefile with : LIBS=-lresolv -lutil -lz -lnsl -lldap -llber -lcrypto 
-lcrypt -lgssapi -lkrb5 -lasn1 -lroken -lcom_err

also I found a gssapi ready putty version
anyone tried this ? works fine, but i can't forward my tickets with the 
SSPI Plugin (The RealmFlags in the registry are set to 4 !). MIT Plugin 
works !

peter duff wrote:

 > a couple of questions:
 > 1. Does the ssh client support running kinit (locally) to first 
attempt to
 > get a tgt if one doesnt exist?  This would be useful at the start of 
the day
 > if something like xlock or similar didnt get TGTs (ie when you unlock 
 > screen, it takes your password and authenticates you).

I don't think this works, couse kerberos is one authentication method of 
a whole list.


More information about the Kerberos mailing list