>>>>> "LI" == Logarajan <[EMAIL PROTECTED]> writes:
LI> Hi, I have set up a Kerberos Server. I have created user
LI> principals on the server. I am able to get the tickets for the
LI> user from the KDC. I want to use this tickets for ssh and other
LI> logins. Can anyone help me on the same, how to configure SSH to
LI> use this tickets for authentication.
The main OpenSSH supports user authentication via GSS/Kerberos. Roughly:
- Make sure the server has a host principal (host/<fqdn>@REALM) and that
key is in the server's keytab (usually /etc/krb5.keytab).
- configure server:
GSSAPIAuthentication yes
- configure client:
GSSAPIAuthentication yes
PreferredAuthentications gssapi-with-mic,gssapi,...
- Try it.
Server authentication can be kerberized as well; the Debian ssh-krb5
package has this, as well as OpenSSH with the following patch:
http://www.sxw.org.uk/computing/patches/openssh.html
For this, additionally
--
Richard Silverman
[EMAIL PROTECTED]
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
