Putty + GSSAPI from W2k3 terminal server to linux openssh daemon
Douglas E. Engert
deengert at anl.gov
Fri Oct 31 13:25:21 EDT 2008
Stephen Frost wrote:
> * Jonathan Barber (j.barber at dundee.ac.uk) wrote:
>> We don't have any particular preference WRT ssh clients, putty was just
>> choosen as our test as it's what we have used in the past.
>
> This thread got me curious, and it appears that ~2 months ago, GSSAPI
> support was committed to the PuTTY subversion tree. Anyone tried it?
Thanks for the tip. I too have complained for years about this, and
it nice to see the PuTTY people are adding GSSAPI.
This was the easies shared source Windows build I have seen!
I did an svn checkout on Unix to a shared file system (AFS) ran the
./mkfiles.pl on Unix, then from XP in their windows directory
nmake -f Makefile.vc (Visual Studio 8)
As compared to http://sweb.cz/v_t_m/#putty, they did
change the names of some flags in the registry. GssapiFwd was GSSAPIFwdTGT,
GSSAPIServerRealm is not defined. But these are minor.
And it works!
The v_t_m version could use either the Microsoft SSPI, or the MIT GSSAPI
as implemented bi the MIT gssapi32.dll. The new PuTTY only does SSPI
so there are some implications if you are trying to use this from a
non-windows domain machine. (But runas could be used.)
> I'd love to move off of all of these hacked/patched versions of PuTTY
> that are floating around. We're currently using
> http://sweb.cz/v_t_m/#putty but in the past we've used a variety of
> things. :/
>
> Thanks!
>
> Stephen
>
>
> ------------------------------------------------------------------------
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list