Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 28 Jul 2003 01:26:49 +0100
From:      Lewis Thompson <purple@lewiz.info>
To:        FreeBSD-questions <freebsd-questions@freebsd.org>
Subject:   Re: Kerberos / sshd
Message-ID:  <20030728002649.GA10147@lewiz.org>
In-Reply-To: <20030727160914.GA8683@lewiz.org>
References:  <20030727160914.GA8683@lewiz.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Jul 27, 2003 at 05:09:14PM +0100, Lewis Thompson wrote:
>   I'm trying to get sshd to authenticate users via Kerberos.  I want to
> do this using a forwardable ticket (I get this by doing kinit -f).  I
> have the necessary host/fqdn@REALM and rcmd/fqdn@REALM entries in the
> krb5.keytab file in /etc.

I've realised what the problem was.  In order to use Kerberos support
with OpenSSH (sshd) I can't use SSH2.  sshing in like this:

ssh -1 server

works fine, doing all authentication with Kerberos tickets.

  Sorry for bothering people.

  Does anybody know why this isn't more readily documented?

-lewiz.

--=20
Intolerance is the last defense of the insecure.
------------------------------------------------------------------------
-| msn:purple@lewiz.net | jab:lewiz@jabber.org | url:http://lewiz.net |-

--W/nzBZO5zC0uMSeA
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQE/JG3JItq0KFQv7T8RAoSFAJ9k+riN/tELV6CCN9dpi/POG5DJbwCfWqfr
bXToupv0tJFHUp6UqlQj3zo=
=3TXB
-----END PGP SIGNATURE-----

--W/nzBZO5zC0uMSeA--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030728002649.GA10147>