Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Kerberizing SSHD configuration questions
- Mark Faine
April 17, 2006, 2:43 pm
rate this thread
to SSHD? Assuming an SSHD that has been built to support Kerberos.
Creating a Kerberized SSH Service.
Create a host principal for the SSH server in the kerberos database.
Export this server information to a .keytab file and securely copy it
to the Linux Host server.
Use krutil command to import the keytab file.
Configure SSHD to use GSAPPI for authentication
I am working with our ADS administrators and they have never done this
before. Neither have I so I was hoping someone here could help.
----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
- Richard E. Silverman
April 17, 2006, 11:31 pm
Re: Kerberizing SSHD configuration questions
You haven't said what KDC you're using.
I'm not sure what this means - if it's a "keytab" file it should be ready
to use as is. Perhaps you mean using "ktutil" to merge the new principal
keys into an existing keytab.
That's the general process, yes, but there are client issues of course --
the client has to be kinit, and usually determine the realm of the server
(although the Microsoft implementation punts that responsibility to the
domain controller by means of Kerberos "referrals.")
- » protocol question - issue with exit-status inside unfinished data stream?
- — Newest thread in » Secure Shell Forum