~~Using Kerberos tickets for ssh ~~
Logarajan I
logarajan at riskspan.com
Fri Mar 10 06:47:43 EST 2006
Hi Ricahrd,
Thanks for the update. I have servers running on
RHES4,RHES3 and RedHat Linux 7.2.
Kerberos 5 is the KDC.
With RHEL4, i have the option GSSAPIAuthintication and the
authentication works welll.
But with RHEL3 and RedHat Linux 7.2, i don't have the option. How to
proceed with the same.
I have windows XP desktops. How to get it work with Kerberos server and
how to use the ticket for the servers.
Thanks in Advance.
Thanks
Logarajan I.
On Wed, 2006-03-08 at 21:17 -0500, Richard E. Silverman wrote:
> >>>>> "LI" == Logarajan <logarajan at riskspan.com> writes:
>
> LI> Hi, I have set up a Kerberos Server. I have created user
> LI> principals on the server. I am able to get the tickets for the
> LI> user from the KDC. I want to use this tickets for ssh and other
> LI> logins. Can anyone help me on the same, how to configure SSH to
> LI> use this tickets for authentication.
>
> The main OpenSSH supports user authentication via GSS/Kerberos. Roughly:
>
> - Make sure the server has a host principal (host/<fqdn>@REALM) and that
> key is in the server's keytab (usually /etc/krb5.keytab).
>
> - configure server:
> GSSAPIAuthentication yes
>
> - configure client:
> GSSAPIAuthentication yes
> PreferredAuthentications gssapi-with-mic,gssapi,...
>
> - Try it.
>
> Server authentication can be kerberized as well; the Debian ssh-krb5
> package has this, as well as OpenSSH with the following patch:
>
> http://www.sxw.org.uk/computing/patches/openssh.html
>
> For this, additionally
>
More information about the Kerberos
mailing list