Kerberos auth based on ticket
Russ Allbery
rra at stanford.edu
Mon Dec 15 19:01:17 EST 2008
Mathew Rowley <mathew_rowley at cable.comcast.com> writes:
> Well, that would make sense... Looking at the sshd and ssh configurations,
> it seems to be enabled on both. Is there some configuration I am missing?
>
> [root at ipa01 ~]# grep -i GSSAPI /etc/ssh/ssh_config
> GSSAPIAuthentication yes
> [root at ipa01 ~]# grep -i GSSAPI /etc/ssh/sshd_config
> # GSSAPI options
> GSSAPIAuthentication yes
> GSSAPICleanupCredentials yes
Your original pasted example showed you ssh'ing to user at localhost. Unless
you have a key for localhost in your keytab, that probably isn't going to
work. ssh authenticates to the hostname that you type on the command
line.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list