NewBie Problem with SSH Single Sign on
fjauernig@gmx.de
fjauernig at gmx.de
Wed May 28 10:53:46 EDT 2003
Hallo all,
I'm pretty new in kerberos, and I have some problems setting up a ssh single
sign on.
What I have:
SuSe 8.2 with Heimdal Kerberos and Openssh
Kerberos athentication is working. I can kinit against the kdc which gives
me a tgt
The pam_krb5 module is working, so I can achieve a tgt during login prozess.
What I would like to have...
When I login, and get my tgt, I would like to ssh to another host without a
need to reenter my password.
Of course I tried hard (as far as I know), to Implement this single sign on.
I edited the /etc/ssh/sshd_config, adding kerberos support, and I added
principals for both the host, and the user who should use the system. I then
exported the keytab from kadmin and copied and merged it to the keytab on the
host from which I want to ssh.
But when I trie to ssh -l user to the kdc, I alway get the message
"Permission Denied"
Does anyone has a glue where to start? Its good possible, that I would like
to have something which isn't possible the way I like to implement this.
Thanks so far
Florian
More information about the Kerberos
mailing list