[23987] in Kerberos
Re: Single sign-on with ssh (only unix)
daemon@ATHENA.MIT.EDU (Nathan Ollerenshaw)
Fri Jun 3 01:54:27 2005
In-Reply-To: <tslpsv4xb0c.fsf@cz.mit.edu>
Mime-Version: 1.0 (Apple Message framework v730)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <A1A1F0C1-08DA-4077-8ACD-E7576E42B11C@valuecommerce.co.jp>
Content-Transfer-Encoding: 7bit
From: Nathan Ollerenshaw <nathan@valuecommerce.co.jp>
Date: Fri, 3 Jun 2005 14:53:31 +0900
To: Sam Hartman <hartmans@mit.edu>
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
On Jun 3, 2005, at 2:30 PM, Sam Hartman wrote:
> I would not expect you to lose ticket forwarding. Are some of your
> machines set up to forward tickets (gssapidelegatecredentials yes) and
> some not?
Oh, I see:
serenity:~ chrome$ ssh -o "gssapidelegatecredentials yes" nuts.sys.intra
Last login: Fri Jun 3 14:42:02 2005 from 10.0.13.24
[chrome@nuts.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
monster.sys.intra
Last login: Fri Jun 3 13:31:02 2005 from 10.0.13.24
[chrome@monster.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
nuts.sys.intra
Last login: Fri Jun 3 14:50:50 2005 from 10.0.13.24
[chrome@nuts.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
monster.sys.intra
Last login: Fri Jun 3 14:50:54 2005 from nuts.sys.intra
[chrome@monster.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
nuts.sys.intra
Last login: Fri Jun 3 14:51:03 2005 from monster.sys.intra
[chrome@nuts.sys.intra ~]$ ssh -o "gssapidelegatecredentials yes"
monster.sys.intra
Last login: Fri Jun 3 14:51:03 2005 from nuts.sys.intra
[chrome@monster.sys.intra ~]$
Yeah, that works. Thanks!
I think I will write a howto and post it online for people working
with FC2/3/Macs/Solaris machines :)
Regards,
Nathan.
--
Nathan Ollerenshaw / Systems Engineer
Systems Engineering
ValueCommerce Co., Ltd.
Tokyo Bldg 4F 3-32-7 Hongo Bunkyo-ku Tokyo 113-0033 Japan
Tel. +81.3.3817.8995 Fax. +81.3.3812.4051
mailto:nathan@valuecommerce.co.jp
"It must be remembered that there is nothing more difficult
to plan, more doubtful of success nor more dangerous to
manage than the creation of a new system. For the initiator
has the enmity of all who profit by the preservation of the
old institution and merely lukewarm defenders in those who
would gain by the new one." - Nicolo Machiavelli
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
