~~Using Kerberos tickets for ssh ~~

Logarajan I logarajan at riskspan.com
Fri Mar 10 06:47:43 EST 2006

Hi Ricahrd,

                Thanks for the update.  I have servers running on
RHES4,RHES3 and RedHat Linux 7.2.  

Kerberos 5 is the KDC.

With RHEL4, i have the option GSSAPIAuthintication and the
authentication works welll.

But with RHEL3 and RedHat Linux 7.2, i don't have the option.  How to
proceed with the same.  

I have windows XP desktops.  How to get it work with Kerberos server and
how to use the ticket for the servers.

Thanks in Advance.

Logarajan I.

On Wed, 2006-03-08 at 21:17 -0500, Richard E. Silverman wrote:

> >>>>> "LI" == Logarajan  <logarajan at riskspan.com> writes:
>     LI> Hi, I have set up a Kerberos Server.  I have created user
>     LI> principals on the server.  I am able to get the tickets for the
>     LI> user from the KDC.  I want to use this tickets for ssh and other
>     LI> logins.  Can anyone help me on the same, how to configure SSH to
>     LI> use this tickets for authentication.
> The main OpenSSH supports user authentication via GSS/Kerberos.  Roughly:
> - Make sure the server has a host principal (host/<fqdn>@REALM) and that
>   key is in the server's keytab (usually /etc/krb5.keytab).
> - configure server:
>     GSSAPIAuthentication yes
> - configure client:
>     GSSAPIAuthentication yes
>     PreferredAuthentications gssapi-with-mic,gssapi,...
> - Try it.
> Server authentication can be kerberized as well; the Debian ssh-krb5
> package has this, as well as OpenSSH with the following patch:
> http://www.sxw.org.uk/computing/patches/openssh.html
> For this, additionally 

More information about the Kerberos mailing list