[31991] in Kerberos
Re: openssh + kerberos + windows ad
daemon@ATHENA.MIT.EDU (Jackson)
Thu Jan 28 13:17:24 2010
Message-ID: <280172.40230.qm@web52103.mail.re2.yahoo.com>
Date: Thu, 28 Jan 2010 06:52:15 -0800 (PST)
From: Jackson <jakrainer@yahoo.com>
To: Marcello Mezzanotti <marcello.mezzanotti@gmail.com>,
Bob Rasmussen <ras@anzio.com>
In-Reply-To: <Pine.LNX.4.64ras.1001060627320.16678@nimbus.anzio.com>
MIME-Version: 1.0
Cc: secureshell-return-10634@securityfocus.com, secureshell@securityfocus.com,
kerberos@mit.edu
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hello there,
Quest provides a PUTTY version with GSSAPI enabled:
http://rc.quest.com/topics/putty/
It works fine.
Regards,
Jackson
--- Em qua, 6/1/10, Bob Rasmussen <ras@anzio.com> escreveu:
> De: Bob Rasmussen <ras@anzio.com>
> Assunto: Re: openssh + kerberos + windows ad
> Para: "Marcello Mezzanotti" <marcello.mezzanotti@gmail.com>
> Cc: kerberos@mit.edu, secureshell@securityfocus.com, secureshell-return-10634@securityfocus.com
> Data: Quarta-feira, 6 de Janeiro de 2010, 6:30
> On Wed, 6 Jan 2010, Marcello
> Mezzanotti wrote:
>
> > Bob,
> >
> > What exactly you want to know? :)
>
> 1) What version(s) of PuTTY work in your environment? Did
> you try the
> developer's build from the official PuTTY site?
>
> 2) Did you have to create a keytab file on the AD server,
> and transfer it
> to the SSH server? How exactly did you do this?
>
> 3) Did you find online documents that were especially
> helpful? What were
> they?
>
> Thanks.
>
> >
> >
> >
> > On Mon, Jan 4, 2010 at 9:18 PM, Bob Rasmussen <ras@anzio.com>
> wrote:
> > > I am attempting the same thing myself, almost.
> Please provide as many
> > > details as you can.
> > >
> > > My AD server is a 2008 Server box, my client is a
> Windows 2000 box, trying
> > > to use Windows PuTTY to log in to a Linux box
> that is running OpenSSH.
> > >
> > > I also am running WireShark (formerly Ethereal)
> to monitor the network, so
> > > I can see Kerberos transactions - those that work
> and those that fail.
> > >
> > > The PuTTY I am trying is, I think, an unreleased
> version from the official
> > > website. It has calls to GSSAPI.
> > >
> > > At this point I get messages about an illegal
> flag being set. I see these
> > > in WireShark.
> > >
> > > I'd appreciate any help.
> > >
> > > On Mon, 4 Jan 2010, Marcello Mezzanotti wrote:
> > >
> > >> I just did :)
> > >>
> > >> the problem was the keytab, i created using
> linux command "net ads
> > >> keytab create",
> > >>
> > >> i tested both linux ssh client and putty
> > >> (PuTTY-0.58-GSSAPI-2005-07-24, i tested with
> another patched putty
> > >> client, worked, but it didnt created/forwared
> my ticket) and all
> > >> worked fine.
> > >>
> > >> Is "Kerberos for Windows" necessary for
> Windows/Putty?
> > >>
> > >> Thank you all for help.
> > >>
> > >> Thank you,
> > >> Marcello
> > >>
> > >> --
> > >> Marcello Mezzanotti <marcello.mezzanotti@gmail.com>
> > >> http://blogdomarcello.wordpress.com
> > >> Information Security
> > >> UNIX / Linux / *BSD
> > >>
> > >>
> > >
> > > Regards,
> > > ....Bob Rasmussen, President, Rasmussen
> Software, Inc.
> > >
> > > personal e-mail: ras@anzio.com
> > > company e-mail: rsi@anzio.com
> > > voice: (US) 503-624-0360 (9:00-6:00
> Pacific Time)
> > > fax: (US) 503-624-0760
> > > web: http://www.anzio.com
> > > street address: Rasmussen Software, Inc.
> > > 10240 SW Nimbus, Suite
> L9
> > > Portland, OR 97223
> USA
> > >
> >
> >
> >
> > --
> > Marcello Mezzanotti <marcello.mezzanotti@gmail.com>
> > http://blogdomarcello.wordpress.com
> > Information Security
> > UNIX / Linux / *BSD
> >
> >
>
> Regards,
> ....Bob
> Rasmussen, President, Rasmussen
> Software, Inc.
>
> personal e-mail: ras@anzio.com
> company e-mail: rsi@anzio.com
> voice: (US) 503-624-0360
> (9:00-6:00 Pacific Time)
> fax: (US)
> 503-624-0760
> web: http://www.anzio.com
> street address: Rasmussen Software, Inc.
>
> 10240 SW Nimbus, Suite L9
>
> Portland, OR 97223 USA
____________________________________________________________________________________
Veja quais são os assuntos do momento no Yahoo! +Buscados
http://br.maisbuscados.yahoo.com
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
