[24281] in Kerberos
Re: Windows SSH client that uses tickets not obtained from AD
daemon@ATHENA.MIT.EDU (vadim)
Tue Jul 12 02:33:59 2005
From: vadim <vadim.tarassov@swissonline.ch>
To: jay alvarez <kerber0sb0y@yahoo.com>
In-Reply-To: <20050712045937.38622.qmail@web32411.mail.mud.yahoo.com>
Content-Type: text/plain; charset=windows-1251
Date: Tue, 12 Jul 2005 08:33:14 +0200
Message-Id: <1121149994.4005.4.camel@localhost.localdomain>
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
cc: Jeffrey Altman <jaltman2@nyc.rr.com>
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
Hallo,
another option would be to use ssh under cygwin - what actually I do.
You only have to compile ssh yourself with either Heimdal, or with MIT
Kerberos. You can obtain TGT using either kinit, or copy TGT from LSA to
an ording credentials cache using ms2mit program from KfW.
Regards, vadim tarassov.
On Mon, 2005-07-11 at 21:59 -0700, jay alvarez wrote:
> Hi Jeff,
> I've already been to that site as most of my google
> searches points me to it, but my problem is that the
> place I work in is a government institution which
> benifits mostly from tools that are opensource and
> free. Is there a freeware version of kermit?:)
>
>
> --- Jeffrey Altman <jaltman2@nyc.rr.com> wrote:
>
> > Kermit 95 <http://www.kermit-project.org/k95.html>
> > provides
> > support for SSH with GSS and it derives its tickets
> > from KFW.
> > The version distributed by Columbia University is
> > old and
> > not quite up to date but it works.
> >
> >
> >
> > jay alvarez wrote:
> > > Hi,
> > > Do you know any windows ssh client that can use
> > > gssapi authentication and not using SSPI(used by
> > > vintela and CSS putty versions)wherein it uses
> > tickets
> > > that were obtained from an Active Directory login?
> > I
> > > have downloaded KFW from MIT and I have
> > successfully
> > > obtain tickets using Leash. I tried to use
> > vintela's
> > > putty but I don't know how to tell it where Leash
> > put
> > > my tickets. The vintela docs says it will use the
> > > tickets obtained upon an Active Directory login.
> > In
> > > our case, we don't use AD service. BTW, just
> > curious,
> > > KFW says it places the tickets obtained from KDC
> > > inside the memory of the computer, I remembered my
> > > tickets when using kinit places it in /tmp of my
> > unix
> > > box. Is there a security issue here regarding the
> > use
> > > of /tmp as a storage of tickets against placing it
> > in
> > > the memory?
> > >
> > > Thanks.
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam? Yahoo! Mail has the best spam
> > protection around
> > > http://mail.yahoo.com
> > > ________________________________________________
> > > Kerberos mailing list Kerberos@mit.edu
> > > https://mailman.mit.edu/mailman/listinfo/kerberos
> > >
> >
> > --
> > -----------------
> > This e-mail account is not read on a regular basis.
> > Please send private responses to jaltman at mit dot
> > edu
> > ________________________________________________
> > Kerberos mailing list Kerberos@mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
>
>
>
>
> ____________________________________________________
> Sell on Yahoo! Auctions – no fees. Bid on great items.
> http://auctions.yahoo.com/
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
vadim <vadim.tarassov@swissonline.ch>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
