Kerberos with FileZilla

[Diego Pignedoli]

The identity is the default identity.
I think it's not so easy as I think and I am missing some particular 
setting.
Do I have to create a principal also for the service ftp or only for the 
identity who is logging?

That is what I did:
i) I activated ftp server service and set the firewall to permit inbound 
traffic on ftp ports
ii) i installed the NIM and activated the kerberos support service from 
windows services
iii) i did all the settings i have been asked from NIM

But when I test the filezilla with gss i get that msg.
I am really confused!

Diego

----- Original Message ----- 
From: "Jeffrey Altman" <jaltman at secure-endpoints.com>
To: <diego.pignedoli at fastwebnet.it>
Cc: <kerberos at mit.edu>
Sent: Sunday, June 17, 2007 8:24 PM
Subject: Re: Kerberos with FileZilla


> Diego Pignedoli wrote:
>> Hi,
>> I have just installed Network Identity Manager through the Kerberos for
>> Windows package, as I am using and friends uses FileZilla, which has a 
>> GSS
>> support. The fact is that, even if Network Identity Manager is correctly
>> installed, if I try to log with FileZilla on the server running ftp 
>> service
>> and kerberos service, I still get a message "Authentication failed, 
>> probably
>> a kerberos 5 ticket is not available. Consider running leash32 before".
>> But leash32 is running just when i start the OS (windows 2003 server).
>> So, what's I am missing?!
>>
>> Thanks for the help.
>> Diego
> There is no reason to run both Leash32 and NIM.
> For FileZilla to use the credentials obtained by NIM, the identity that
> has the credentials must be marked as the "default identity".  FileZilla
> does not know how to use non-default identities.
>
> Jeffrey Altman
> Secure Endpoints Inc.
>
>
>