[30415] in Kerberos
Re: Putty + GSSAPI from W2k3 terminal server to linux openssh daemon
daemon@ATHENA.MIT.EDU (Douglas E. Engert)
Wed Nov 5 16:45:44 2008
Message-ID: <491213CE.9080608@anl.gov>
Date: Wed, 05 Nov 2008 15:44:46 -0600
From: "Douglas E. Engert" <deengert@anl.gov>
MIME-Version: 1.0
To: "Richard E. Silverman" <res@qoxp.net>
In-Reply-To: <m27i7i41ao.fsf@darwin.oankali.net>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Richard E. Silverman wrote:
>>>>>> "res" == Richard E Silverman <res@qoxp.net> writes:
>
>>>>>> "petesea" == petesea <petesea@bigfoot.com> writes:
> petesea> On Fri, 31 Oct 2008, deengert@anl.gov wrote:
> >>> The v_t_m version could use either the Microsoft SSPI, or the MIT
> >>> GSSAPI as implemented bi the MIT gssapi32.dll. The new PuTTY only
> >>> does SSPI so there are some implications if you are trying to use
> >>> this from a non-windows domain machine. (But runas could be used.)
>
> petesea> That's unfortunate, I wish they would implement both methods.
>
> petesea> I also wish they would implement GSSAPI Key Exchange, to
> petesea> avoid the need to maintain host keys on the client. I
> petesea> haven't found any implementation of PuTTY that supports both
> petesea> MIT GSSAPI and GSSAPI Key Exchange.
>
> res> http://rc.quest.com/topics/PuTTY/
>
> Oops, you said *MIT* GSSAPI. Indeed. FYI, in the commercial world,
> SecureCRT does this.
Yes and it is a fine product. The problem we see, is many third party
packages come with the PuTTY plink.exe program under the covers, some
with some version of GSSAPI(or SSPI), but not all. It would be nice if
the base PuTTY code had the gssapi built in.
>
> res> -- Richard Silverman res@qoxp.net
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
