Putty + GSSAPI from W2k3 terminal server to linux openssh daemon
Jonathan Barber
j.barber at dundee.ac.uk
Fri Oct 31 06:00:53 EDT 2008
We're recently introduced kerberos to our unix infrastructure and have
it working for ssh'ing from and to unix hosts, so are now trying to
configuring Windows as an ssh client.
Our first Windows client is a 2003 terminal server joined to a NT4 style
domain (provided by samba).
We've been following the instructions from here:
http://glast-ground.slac.stanford.edu/workbook/pages/getting_connected/ssh_forwindows.htm
And have successfully installed and configured NetIDMgr 1.3.1.0 and can
authenticate against our KDC as our principals and get tickets with
NetIDMgr.
After downloading putty from here:
http://web.mit.edu/jaltman/Public/putty-0.59-with-gssapi.zip
and copying the dll's from the MIT NetIDMgr install to
C:\Windows\system32, we get the following message from putty when we try
to connect to a kerberised ssh server:
Event Log: GSSAPI error: Unspecified GSS failure. Minor code may provide more information
Event Log: GSSAPI mech specific error: Cannot resolve network address for KDC in requested realm
The same ssh server works fine from a linux client with the same
principal.
AFAIK DNS is correctly configured for the terminal server, can anyone
shed any light on what might be going on?
Regards.
--
Jonathan Barber
High Performance Computing Analyst
Tel. +44 (0) 1382 386389
More information about the Kerberos
mailing list