kerberos auth for ssh2
Kevin J Kalupson
kjk137 at psu.edu
Wed Jul 27 20:24:57 EDT 2005
Hello,
I have a few of kerberos questions. Currently, users can log in to a
particular server via ssh and using their kerberos password.
1)My main goal is to implement kerberos authentication for ssh via
gssapi-with-mic. I have found a lot web sites where people claim to
have it working, but I have not experienced success yet.
To your knowledge, should this method now work with up to date
installations of openssh and kerberos and using ssh2?
2)I am using PAM auth modules. Currently, users can log in using their
kerberos password. If I am using PAM, do I need "extra" configuration
so that pam will ok the user that passes a gssapi-with-mic ticket is
authenticated, or does ssh forgo PAM when configured for gssapi-with-mic
tickets as well.
3)Are there other options besides gssapi-with-mic for ssh2 login with a
kerberos based ticket?
4)Does the kdc have to have special knowledge of the server that is
requesting authentication for a user via a forwarded ticket or does the
server making the request for this sort of auth simply just need to know
how to ask?
Thank you,
I appreciate any help.
--
Kevin J Kalupson * Programmer/Analyst
* Information Techhnology Services
* Teaching and Learning with Technology
* Pennsylvania State University
* 814-863-4590
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3236 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20050727/0761178f/attachment.bin
More information about the krbdev
mailing list