cross realm trust
aydin
aydin at prosoft.com.tr
Mon May 2 09:38:31 EDT 2011
Hi all,
I am trying to setup a cross realm authentication between microsoft and mit kerberos
running on rhel.
Mit kerberos realm is going to trust to ms realm.
Both kdc'a are running fine in their own realms.
We have set up principals on both kdc's.
krbtgt/mit.realm at ms.realm
A windows client tries to open an ssh connection to a linux system.
Windows client asks krbtgt/mit.realm at ms.realm ticket to its own kdc and
gets the ticket.
This is the point that i get confused and need your help.
Ms client than requests host/sshserver.mit.realm.
As far as I know first both kdc's has to share krbtgt ticket to establish a trust
relation first.
Does anyone knows how this should work.
Regards,
Aydin
More information about the Kerberos
mailing list