Single sign-on with ssh (only unix)
Nathan Ollerenshaw
nathan at valuecommerce.co.jp
Fri Jun 3 01:53:31 EDT 2005
On Jun 3, 2005, at 2:30 PM, Sam Hartman wrote:
> I would not expect you to lose ticket forwarding. Are some of your
> machines set up to forward tickets (gssapidelegatecredentials yes) and
> some not?
Oh, I see:
serenity:~ chrome$ ssh -o "gssapidelegatecredentials yes" nuts.sys.intra
Last login: Fri Jun 3 14:42:02 2005 from 10.0.13.24
[chrome at nuts.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
monster.sys.intra
Last login: Fri Jun 3 13:31:02 2005 from 10.0.13.24
[chrome at monster.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
nuts.sys.intra
Last login: Fri Jun 3 14:50:50 2005 from 10.0.13.24
[chrome at nuts.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
monster.sys.intra
Last login: Fri Jun 3 14:50:54 2005 from nuts.sys.intra
[chrome at monster.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
nuts.sys.intra
Last login: Fri Jun 3 14:51:03 2005 from monster.sys.intra
[chrome at nuts.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
monster.sys.intra
Last login: Fri Jun 3 14:51:03 2005 from nuts.sys.intra
[chrome at monster.sys.intra ~]$
Yeah, that works. Thanks!
I think I will write a howto and post it online for people working
with FC2/3/Macs/Solaris machines :)
Regards,
Nathan.
--
Nathan Ollerenshaw / Systems Engineer
Systems Engineering
ValueCommerce Co., Ltd.
Tokyo Bldg 4F 3-32-7 Hongo Bunkyo-ku Tokyo 113-0033 Japan
Tel. +81.3.3817.8995 Fax. +81.3.3812.4051
mailto:nathan at valuecommerce.co.jp
"It must be remembered that there is nothing more difficult
to plan, more doubtful of success nor more dangerous to
manage than the creation of a new system. For the initiator
has the enmity of all who profit by the preservation of the
old institution and merely lukewarm defenders in those who
would gain by the new one." - Nicolo Machiavelli
More information about the Kerberos
mailing list