SSH configuration
|
View:
New views
7 Messages
—
Rating Filter:
Alert me
|
 |
SSH configuration
by Abhishek Chowdhury
::
Rate this Message:
I want to configure passwordless ssh after successful kinit.
for that I have to change configurations in etc/ssh_config: GSSAPIAuthentication yes GSSAPIDelegateCredentials yes but we dont have these options in ssh_config file? any pointers in this regard? |
|
|
Re: SSH configuration
by Edward Irvine at home-2
::
Rate this Message:
Hi,
On 29/07/2008, at 6:43 PM, Abhishek Chowdhury wrote: > > I want to configure passwordless ssh after successful kinit. > > for that I have to change configurations in etc/ssh_config: > > > GSSAPIAuthentication yes > GSSAPIDelegateCredentials yes > > but we dont have these options in ssh_config file? The GSSAPI directives may still be valid for your system. Suggest reading the man pages. man ssh_config man sshd_config > What version of UNIX/Linux are you using? > any pointers in this regard? > -- > View this message in context: http://www.nabble.com/SSH- > configuration-tp18707809p18707809.html > Sent from the Kerberos - General mailing list archive at Nabble.com. > > ________________________________________________ > Kerberos mailing list Kerberos@... > https://mailman.mit.edu/mailman/listinfo/kerberos > > ________________________________________________ Kerberos mailing list Kerberos@... https://mailman.mit.edu/mailman/listinfo/kerberos |
|
|
Re: SSH configuration
by bodik
::
Rate this Message:
hi,
I think, that you also need: * krb5.conf a proper configuration for your realm * sshd_config KerberosAuthentication yes KerberosOrLocalPasswd yes KerberosTicketCleanup yes * ssh_config GSSAPIAuthentication yes GSSAPIDelegateCredentials yes * pam.d/ssh pam_krb5.so * krb5.keytab service key in keytab for host (to establish a trust between service and KDC) >> any pointers in this regard? there should be many howto's out there, but just now i cann't find any suitable walkthrough. but this looks fine (i didn't read it :) http://www.visolve.com/security/ssh_kerberos.php bodik ________________________________________________ Kerberos mailing list Kerberos@... https://mailman.mit.edu/mailman/listinfo/kerberos |
|
|
|
|
|
Re: SSH configuration
by Abhishek Chowdhury
::
Rate this Message:
|
|
|
RE: SSH configuration
by Paul Moore-3
::
Rate this Message:
Start sshd on a private port with -dddde
Start ssh client with -vvv You can ususally see the casue then Do you have a .krb5login file? This is needed if the stripped upn != unix name -----Original Message----- From: kerberos-bounces@... [mailto:kerberos-bounces@...] On Behalf Of Abhishek Chowdhury Sent: Wednesday, July 30, 2008 7:05 AM To: kerberos@... Subject: Re: SSH configuration > I am getting the initial krtgt ticket and the service ticket also when > I am trying to do ssh. But still the ssh is asking for passowrd. I > have done the configuration required in the ssh and sshd file. > > bodik wrote: > > hi, > > I think, that you also need: > > * krb5.conf > a proper configuration for your realm > > * sshd_config > KerberosAuthentication yes > KerberosOrLocalPasswd yes > KerberosTicketCleanup yes > > * ssh_config > > GSSAPIAuthentication yes > GSSAPIDelegateCredentials yes > > * pam.d/ssh > pam_krb5.so > > * krb5.keytab > service key in keytab for host > (to establish a trust between service and KDC) > >>> any pointers in this regard? > there should be many howto's out there, but just now i cann't find any > suitable walkthrough. but this looks fine (i didn't read it :) > > http://www.visolve.com/security/ssh_kerberos.php > > bodik > ________________________________________________ > Kerberos mailing list Kerberos@... > https://mailman.mit.edu/mailman/listinfo/kerberos > > -- View this message in context: http://www.nabble.com/SSH-configuration-tp18707809p18729232.html Sent from the Kerberos - General mailing list archive at Nabble.com. ________________________________________________ Kerberos mailing list Kerberos@... https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list Kerberos@... https://mailman.mit.edu/mailman/listinfo/kerberos |
|
|
Re: SSH configuration
by Abhishek Chowdhury
::
Rate this Message:
|
| Free embeddable forum powered by Nabble | Forum Help |
