[19145] in Kerberos
Re: gssapi/openssh
daemon@ATHENA.MIT.EDU (Ulrich Weber)
Wed Apr 30 05:28:26 2003
From: Ulrich Weber <uweber@epost.de>
Date: Wed, 30 Apr 2003 11:13:16 +0200
Message-ID: <b8o3to$17vq$1@fluffy.foo.fh-furtwangen.de>
To: kerberos@MIT.EDU
Errors-To: kerberos-bounces@mit.edu
Hi,
you mabye also interrested in this modified GSSAPI Patch to fit
openssh3.5p1 : http://home.fnal.gov/~pdbarnes/openSSH.html
It's for MacosX, but works also under Linux. I had to modify the
Makefile with : LIBS=-lresolv -lutil -lz -lnsl -lldap -llber -lcrypto
-lcrypt -lgssapi -lkrb5 -lasn1 -lroken -lcom_err
also I found a gssapi ready putty version
http://www.certifiedsecuritysolutions.com/downloads.html
anyone tried this ? works fine, but i can't forward my tickets with the
SSPI Plugin (The RealmFlags in the registry are set to 4 !). MIT Plugin
works !
peter duff wrote:
> a couple of questions:
> 1. Does the ssh client support running kinit (locally) to first
attempt to
> get a tgt if one doesnt exist? This would be useful at the start of
the day
> if something like xlock or similar didnt get TGTs (ie when you unlock
your
> screen, it takes your password and authenticates you).
I don't think this works, couse kerberos is one authentication method of
a whole list.
Bye
Ulrich
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
